azure-diagnostics
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Employs Azure CLI (
az) and Docker commands to perform troubleshooting actions like scaling replicas, setting registry identities, and streaming logs. - [EXTERNAL_DOWNLOADS]: Interacts with Azure-hosted health endpoints and links to official Microsoft documentation for KQL and monitoring references.
- [PROMPT_INJECTION]: Potential for indirect prompt injection through log data ingestion.
- Ingestion points: Reads application logs and exception messages via KQL queries defined in
references/kql-queries.md. - Boundary markers: None present; log contents are directly queried and displayed.
- Capability inventory: Includes the ability to execute
az containerapp updateandaz containerapp registry setcommands (inreferences/container-apps/README.md). - Sanitization: No explicit sanitization or filtering of log content is implemented before processing.
- [SAFE]: All resource references, tools, and commands align with the official vendor's (Microsoft) troubleshooting procedures and utilize their own cloud infrastructure.
Audit Metadata