azure-architecture
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches documentation from the official Microsoft Learn domain.
- Evidence: The skill contains an index of URLs pointing to
learn.microsoft.comfor reference architectures, solution ideas, and design patterns. - [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes external web content.
- Ingestion points: The skill uses
mcp_microsoftdocs:microsoft_docs_fetchandfetch_webpageto ingest external Markdown content into the agent's context. - Boundary markers: The skill does not define specific delimiters for the ingested content.
- Capability inventory: The skill performs documentation retrieval and does not have access to dangerous capabilities like file system modification, privilege escalation, or shell command execution.
- Sanitization: No explicit sanitization or filtering is described for the retrieved documentation content.
Audit Metadata