entra-app-registration
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- User Input Handling in Generated Commands: The skill creates CLI commands and code snippets based on user-provided data like application names and redirect URIs. While this is essential for its functionality, it represents a surface where maliciously formatted user input could potentially alter the intended command. This is a common consideration for skills that generate executable code or CLI strings.
- Ingestion points: User-provided variables such as application names and redirect URIs enter the agent context in SKILL.md and references/cli-commands.md.
- Boundary markers: No specific delimiters or 'ignore embedded instructions' warnings are used when interpolating these variables into command templates.
- Capability inventory: The skill involves executing Azure CLI commands (az ad app create) and generating source code for Python, .NET, and Node.js.
- Sanitization: The provided templates do not include explicit validation or escaping logic for external content before it is processed by the command line or interpreted as code.
Audit Metadata