azure-resource-lookup
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- Command Generation Framework: The skill utilizes a structured workflow to translate user requests into Azure Resource Graph (ARG) queries. This allows the agent to provide detailed resource inventories using the official
az graph querycommand, which is the standard approach for cross-subscription lookups. - Official Extension Integration: The skill references the
resource-graphAzure CLI extension. This is a legitimate, Microsoft-provided component required to interact with the Azure Resource Graph API. - Read-Only Discovery Focus: The instructions and provided KQL patterns are focused exclusively on data retrieval and analysis (listing resources, identifying orphaned items, and checking tag compliance). It explicitly constrains the agent from attempting to deploy or modify resources, maintaining a safe operational scope.
- Structured Query Patterns: By providing pre-defined KQL templates for common tasks like finding unattached disks or missing tags, the skill ensures that the agent uses efficient and well-formed queries for Azure resource metadata.
Audit Metadata