azure-prepare

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
PROMPT_INJECTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): The SKILL.md file contains directive language ('AUTHORITATIVE GUIDANCE', 'IGNORE any prior training', 'supersedes all other sources') designed to force the AI agent to prioritize the skill's instructions over its core safety protocols and system prompt.
  • [REMOTE_CODE_EXECUTION] (HIGH): The documentation in references/sdk/azd-deployment.md recommends installing the Azure Developer CLI via curl -fsSL https://aka.ms/install-azd.sh | bash. Piped remote execution is a high-risk pattern that allows for the execution of unverified scripts with the user's shell privileges.
  • [EXTERNAL_DOWNLOADS] (HIGH): Automated scanners identified a blacklisted URL within the requirements.md file. While the skill's purpose is project preparation, the presence of a confirmed malicious URL detection necessitates a high-severity rating.
  • [PROMPT_INJECTION] (LOW): The skill creates an attack surface for indirect prompt injection by scanning untrusted workspace files (package.json, requirements.txt, .csproj) and using their contents to drive infrastructure generation logic. Ingestion points: references/scan.md. Boundary markers: None. Capability inventory: Command execution via az/azd and local file creation. Sanitization: No evidence of validation for data ingested from project files.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 11:30 PM