Skills
skills/olino3/forge/azure-auth/Gen Agent Trust Hub

azure-auth

Fail

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill processes untrusted external data (project files and metadata) to generate security-sensitive authentication and middleware code.
  • Ingestion points: Step 1 gathers Azure AD configuration and reads package.json; Step 2 loads project_overview.md and common_patterns.md from the project's memory.
  • Boundary markers: Absent. The instructions do not define delimiters to isolate external project content from the agent's logic.
  • Capability inventory: The skill generates executable authentication code (MSAL configuration, JWT validation logic) and has file-write permissions (Step 5 saves files to /claudedocs/).
  • Sanitization: Absent. There is no specified validation or escaping for the project-sourced data before it is interpolated into code templates.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references the jose and msal libraries and fetches public keys from Microsoft's JWKS endpoint.
  • Evidence: Step 4d specifies downloading keys from https://login.microsoftonline.com/{tenantId}/discovery/v2.0/keys.
  • Trust Scope: These are trusted sources (Microsoft and standard OIDC discovery), downgrading the download risk to LOW.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 13, 2026, 09:42 PM