azure-operator-service-manager
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation from official Microsoft domains (learn.microsoft.com) and references the MicrosoftDocs GitHub organization for utility installation. These are trusted vendor sources.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to ingest untrusted data from external web pages which could contain instructions meant to influence the agent's behavior.
- Ingestion points: External documentation is retrieved via
mcp_microsoftdocs:microsoft_docs_fetchandfetch_webpagetools. - Boundary markers: None. The skill does not define specific delimiters or "ignore instructions" wrappers for the fetched content.
- Capability inventory: The skill has no capabilities for file writing, subprocess execution, or network data exfiltration.
- Sanitization: There is no evidence of content sanitization or validation of the fetched markdown.
- [NO_CODE]: The skill consists exclusively of markdown documentation and guidance. No scripts, binaries, or active code components are present.
Audit Metadata