infra-engineer
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Full Analysis
- [REMOTE_CODE_EXECUTION] (LOW): The automated scan detected a piped remote execution pattern (
curl | bash) for the Azure CLI installation. According to the [TRUST-SCOPE-RULE], because the source is a Trusted Organization (Microsoft via aka.ms), this finding is downgraded to LOW/INFO. It is a standard vendor-provided installation method. - [EXTERNAL_DOWNLOADS] (SAFE): Several files in
references/(such asaws-overview.mdandgcloud-platform.md) provide instructions for downloading official CLI tools from trusted domains including amazonaws.com, google.com, and github.com. These are standard resources for a DevOps-focused skill. - [COMMAND_EXECUTION] (SAFE): The
scripts/cloudflare_deploy.pyutility uses thesubprocess.runmodule to execute thewranglerCLI. The command is constructed as a list, which prevents shell injection, and its purpose matches the stated goal of the skill (Cloudflare deployment). - [CREDENTIALS_UNSAFE] (SAFE): The
.env.examplefile contains placeholders for API tokens and access keys. No hardcoded secrets or sensitive credentials were found in the functional code or documentation.
Recommendations
- HIGH: Downloads and executes remote code from: https://aka.ms/InstallAzureCli - DO NOT USE without thorough review
Audit Metadata