Skills
skills/microsoftdocs/agent-skills/azure-fluid-relay/Gen Agent Trust Hub

azure-fluid-relay

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill is designed to retrieve documentation from learn.microsoft.com using the mcp_microsoftdocs:microsoft_docs_fetch tool or the fetch_webpage function. These operations target a well-known service associated with the skill's author (MicrosoftDocs).
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting and processing content from external web pages.
  • Ingestion points: The skill retrieves remote documentation via the microsoft_docs_fetch and fetch_webpage tools as defined in the SKILL.md compatibility section.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when presenting the fetched content to the agent.
  • Capability inventory: The skill itself does not currently define local command execution, file-writing, or sensitive network capabilities, which limits the potential impact of an injection.
  • Sanitization: There is no mention of sanitizing, escaping, or validating the Markdown content retrieved from the remote source before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 01:41 AM