azure-security-audit
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to ingest and apply instructions from a project-local file (LESSONS.md). This creates an indirect prompt injection surface where untrusted content in the project repository could influence agent actions.
- Ingestion points: LESSONS.md (referenced in SKILL.md and AGENTS.md).
- Boundary markers: Absent; the instructions are integrated directly into the reasoning flow.
- Capability inventory: The skill provides patterns for executing infrastructure changes via Bicep and administrative actions via the Azure CLI (az) and Python scripts (SKILL.md, AGENTS.md).
- Sanitization: No sanitization or validation of the external file's content is specified.
Audit Metadata