azure-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill requests permission for
Bash(az:*). While powerful, this is the primary intended function of an Azure Expert skill and is used for resource management. - [CREDENTIALS_UNSAFE] (SAFE): Example code includes placeholders like
YOUR_KEYand generic endpoints, following safe documentation practices. - [INDIRECT_PROMPT_INJECTION] (LOW): The Azure Function examples demonstrate ingesting data from external triggers (HTTP/Queue), which represents a standard but note-worthy attack surface. Ingestion points:
req.get_json()andmsg.get_body(). Boundary markers: None. Capability inventory: Full Azure CLI (az) access. Sanitization: Not demonstrated in the simplified examples.
Audit Metadata