azure-devtest-labs
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the
mcp_microsoftdocstool and fetches documentation fromlearn.microsoft.com. These are official resources from a trusted organization (Microsoft) and well-known service domains. - [PROMPT_INJECTION]: No malicious instruction overrides, role-play bypasses, or system prompt extraction patterns were detected. The instructions provided are standard operational guidelines for the agent.
- [DATA_EXFILTRATION]: No hardcoded credentials or access to sensitive local file paths (such as SSH keys or environment variables) were found. Network operations are limited to fetching documentation from trusted sources.
- [COMMAND_EXECUTION]: The skill does not contain any shell commands, subprocess calls, or scripts that execute arbitrary code. It primarily serves as a structured index of documentation URLs.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external URLs (
learn.microsoft.com) at runtime. While this presents a surface for indirect injection, the sources are official Microsoft documentation sites, posing minimal risk in this context.
Audit Metadata