azure-information-protection
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches technical documentation from official Microsoft domains ("learn.microsoft.com"). This behavior is consistent with the skill's stated purpose.
- [REMOTE_CODE_EXECUTION]: Provides links to the official MicrosoftDocs GitHub repository for tool installation instructions related to the Model Context Protocol (MCP).
- [DATA_EXFILTRATION]: Includes a tracking query parameter ("from=learn-agent-skill") in documentation requests to identify the source of the traffic for telemetry. No sensitive information is exfiltrated.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external content fetched via "fetch_webpage" and "microsoft_docs_fetch".
- Ingestion points: External documentation content retrieved from "learn.microsoft.com".
- Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded commands in the fetched data.
- Capability inventory: The skill references "read_file" capabilities; additional agent tools may exist depending on the environment.
- Sanitization: None described within the skill instructions.
Audit Metadata