NYC

microsoft-foundry

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): Uses azd init to fetch infrastructure templates from the Azure-Samples GitHub organization. While not on the developer's explicit whitelist, this is an official Microsoft repository used for standard project initialization.
  • [COMMAND_EXECUTION] (LOW): Orchestrates Azure CLI (az) and Azure Developer CLI (azd) commands for provisioning and management. Includes a 'Run-Fix' loop in the agent creation sub-skill that executes generated Python code locally for verification purposes; this is standard for scaffolding tools but involves the execution of newly written files.
  • [DATA_EXFILTRATION] (SAFE): Network activity is restricted to authenticated Azure Management REST APIs and official service endpoints (e.g., ai.azure.com, management.azure.com). No suspicious data transfers to unknown third-party domains were found.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill presents a surface for indirect injection because it interpolates user-provided project and model names into CLI commands.
    • Ingestion points: User-supplied strings for project names, model versions, and deployment names (found in project/create/create-foundry-project.md and models/deploy-model/customize/SKILL.md).
    • Boundary markers: Placeholders are used in environment configuration, but explicit prompt delimiters are not enforced for user input.
    • Capability inventory: Subprocess execution of the az and azd CLIs, local file writing, and Python execution for agent verification.
    • Sanitization: Names are validated against the regex ^[\w.-]{2,64}$ (word characters, dots, and hyphens; 2 to 64 characters) to prevent command injection or formatting escapes.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:26 PM