The Agent Skills Directory

[PROMPT_INJECTION]: The skill includes instructional blocks for the agent (e.g., regarding file size and metadata age). These are functional guidelines for the agent's operation and do not attempt to bypass safety filters or override system instructions.
[EXTERNAL_DOWNLOADS]: The skill references documentation from 'learn.microsoft.com' and suggests tools from the 'MicrosoftDocs' GitHub repository. These are trusted sources and well-known services provided by the vendor.
[DATA_EXFILTRATION]: No evidence of sensitive data access or exfiltration. Network operations are restricted to fetching documentation from verified Microsoft domains.
[INDIRECT_PROMPT_INJECTION]: While the skill ingests external content via 'microsoft_docs_fetch', the ingestion is limited to a trusted domain ('learn.microsoft.com').
Ingestion points: 'microsoft_docs_fetch' and 'fetch_webpage' calls in SKILL.md.
Boundary markers: Not explicitly defined in the prompt template, but the skill relies on structured tool outputs.
Capability inventory: Restricted to documentation retrieval and file reading.
Sanitization: Content is retrieved as Markdown from an official vendor source, which inherently lowers the risk of malicious payload injection.

azure-resiliency