azure-variable-groups
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides documentation and examples for using the
az pipelines variable-groupcommand. These are standard Azure DevOps management operations and do not involve unauthorized or hidden command execution. - [DATA_EXFILTRATION] (SAFE): No evidence of credential exposure or unauthorized data transmission. Examples use generic placeholders for variables (e.g.,
DATABASE_HOST,API_URL) and correctly reference Azure Key Vault for sensitive secrets. - [PROMPT_INJECTION] (SAFE): The content consists purely of technical documentation and examples without any attempts to manipulate agent behavior or bypass safety constraints.
- [EXTERNAL_DOWNLOADS] (SAFE): No external dependencies, scripts, or remote binaries are referenced or downloaded.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill enables the modification of Azure Pipeline configurations (a write capability), it does not automatically ingest or process untrusted external data in its current form. The risk is limited to the agent's implementation of these commands.
Audit Metadata