microsoft-foundry
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- Trusted External Resource Access: The skill downloads agent samples and templates from the official microsoft-foundry/foundry-samples GitHub repository. These downloads are performed using standard tools like curl and the gh CLI. Since the source is a trusted organization, these operations are considered safe and consistent with the skill's primary purpose of facilitating agent development.
- Standard Credential Management: The skill emphasizes the use of DefaultAzureCredential for local development and ManagedIdentityCredential for production. It correctly advises against hardcoding secrets and suggests using environment variables or .env files, which aligns with industry best practices for secure authentication.
- Controlled Command Execution: Commands are primarily executed through the Azure CLI (az) and specialized MCP tools. The skill provides clear guidance on the necessary RBAC roles (such as Cognitive Services Contributor or Azure AI Owner) required to perform management operations, ensuring that the principle of least privilege is maintained.
- Data Processing and Telemetry: The skill includes sub-skills for analyzing traces and evaluation results using Application Insights. These operations involve standard KQL queries to monitor agent performance and do not involve unauthorized data exfiltration or exposure of sensitive user information.
- Indirect Prompt Injection Surface: The evaluation and trace analysis workflows involve processing agent responses and production telemetry. While this presents a surface for indirect prompt injection, the skill utilizes established Azure AI Foundry evaluation frameworks and judge models which incorporate safety guardrails to mitigate these risks.
Audit Metadata