The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/process.py utilizes the subprocess.run method to execute Azure CLI (az) commands for environment auditing. The implementation uses argument lists and avoids shell=True, which is a secure practice that prevents command injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: The Python tools in scripts/agent.py and scripts/process.py interact with official Microsoft Graph API and OAuth2 endpoints (graph.microsoft.com and login.microsoftonline.com). These communications are directed to well-known, trusted service domains necessary for the skill's auditing functionality.
[CREDENTIALS_UNSAFE]: The skill requires Azure credentials to function, but it manages them securely by accepting them as command-line arguments at runtime. No hardcoded secrets, keys, or insecure credential storage patterns were detected in the source code.

detecting-azure-service-principal-abuse