azure-keyvault-keys-ts
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (SAFE): The skill correctly implements and recommends DefaultAzureCredential for authentication, which avoids hardcoded credentials. It explicitly labels hardcoded secrets as an anti-pattern in the acceptance criteria.
- [EXTERNAL_DOWNLOADS] (SAFE): All dependencies are official Microsoft Azure SDK packages (@azure/keyvault-keys, @azure/identity, @azure/keyvault-secrets) which are trusted sources.
- [DATA_EXFILTRATION] (SAFE): The skill's operations are limited to the Azure Key Vault service via authenticated clients. There are no patterns suggesting data exfiltration to unauthorized third parties.
- [COMMAND_EXECUTION] (SAFE): Shell commands are restricted to standard package installations (npm install). No dangerous or obfuscated command execution was found.
Audit Metadata