azure-upgrade
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Command Execution for Automation: The skill generates and runs Azure CLI commands to identify, assess, and migrate resources. These operations are core to the skill's utility and occur within the user's authenticated Azure environment.
- External Data Processing: To facilitate migration, the skill ingests existing application settings and configurations. This constitutes an indirect prompt injection surface: (1) Ingestion points: Data is collected via commands in
references/services/functions/automation.md; (2) Boundary markers: There are no explicit markers or warnings used when incorporating this data into the workflow; (3) Capability inventory: The skill has broad capabilities including shell execution and resource modification; (4) Sanitization: The skill does not demonstrate specific sanitization or validation of the ingested configuration values. - Identity-First Security: The skill promotes high-security standards by guiding users toward Managed Identities and identity-based access, which reduces the risk associated with static credentials.
- Operational Safeguards: The workflow includes specific rules that require human confirmation for destructive actions like deleting or stopping existing applications, ensuring the user maintains control over the migration process.
Audit Metadata