azure-firewall-manager
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses tools like
mcp_microsoftdocs:microsoft_docs_fetchandfetch_webpageto retrieve documentation from thelearn.microsoft.comdomain. These sources are official Microsoft repositories and are classified as well-known, trusted services. - [PROMPT_INJECTION]: The skill contains instructional text for the AI agent to manage large files and versioning (e.g., 'IMPORTANT for Agent'). These are functional guidelines intended to optimize performance and accuracy, not attempts to override safety filters or manipulate behavior.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by design, as it processes content fetched from external web sources.
- Ingestion points: Documentation content is retrieved dynamically from external URLs under the
learn.microsoft.comdomain. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched content.
- Capability inventory: The skill does not have permissions or tools for arbitrary command execution, file system modification, or sensitive data access.
- Sanitization: There is no explicit sanitization logic for the remote data within the skill's instructions.
Audit Metadata