azure-validate
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- Infrastructure as Code Processing: The skill is designed to process and validate project-specific infrastructure files, including Bicep templates, Terraform configurations, and Azure Developer CLI (AZD) YAML files. This is a core part of its intended deployment validation functionality.
- Enforcement of Confirmation Protocols: A mandatory global rule is established requiring the use of
ask_userfor any potentially destructive, costly, or irreversible actions, such as resource deletion or security policy modifications. This provides a critical safeguard against accidental impact. - Standard Tooling Integration: The skill utilizes established command-line interfaces, including the Azure CLI, Terraform, and Docker, to perform syntax checks, linting, and 'what-if' previews. These tools are used according to official vendor documentation for pre-flight validation.
- Structured Workflow Dependency: The skill enforces a strict operational sequence by requiring a preceding 'prepare' phase and verifying the existence of a signed-off deployment plan (
.azure/plan.md) before validation proceeds. - Data Ingestion Considerations: While the skill reads external data from infrastructure files to interpolate into commands (e.g., location and subscription parameters), it includes steps for schema validation and manual environment verification to ensure data integrity.
Audit Metadata