microsoft-foundry
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Official Resource Integration]: The skill automates the download of agent starter samples from official Microsoft GitHub repositories (microsoft-foundry/foundry-samples). This automation facilitates rapid onboarding by providing verified templates for agent development.
- [Infrastructure Management Commands]: Deployment and resource management workflows utilize standard tools including Azure CLI, Docker, and language package managers (pip, dotnet). These commands are used to provision Azure AI Services, build container images, and manage model deployments following official Microsoft patterns.
- [Telemetry and Configuration Handling]: For troubleshooting and monitoring, the skill queries Application Insights and manages project configuration data. The instructions include security-conscious steps such as masking sensitive values during user confirmation and assigning appropriate RBAC roles to managed identities.
- [Automated Verification Workflows]: The skill includes steps to verify agent startup by installing dependencies and running the code locally. These operations are performed using standard developer tools and target official Microsoft packages and SDKs.
- [Secure Authentication Guidance]: Reference documentation within the skill provides detailed instructions on using Azure managed identities and RBAC for production environments, while reserving broader credentials for local development only.
Audit Metadata