azure-netapp-files
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is configured to retrieve technical documentation from official Microsoft domains (learn.microsoft.com) using the mcp_microsoftdocs:microsoft_docs_fetch tool or fetch_webpage. These are trusted sources for technical content and follow the vendor's established infrastructure.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection in SKILL.md by processing external documentation content. 1. Ingestion points: Documentation fetched from learn.microsoft.com. 2. Boundary markers: Absent; no specific delimiters or instructions to ignore embedded commands are provided. 3. Capability inventory: Documentation retrieval; further capabilities depend on the host agent's environment. 4. Sanitization: Absent; no specific validation or filtering of the remote content is defined in the skill.
- [NO_CODE]: The skill consists entirely of markdown-based metadata and documentation indices, with no embedded scripts, binaries, or automated installation processes.
Audit Metadata