azd-deployment
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill documents the use of the Azure Developer CLI (
azd) and Azure Bicep for infrastructure-as-code (IaC). All examples provided use standard Azure CLI patterns and target official Microsoft services. - [COMMAND_EXECUTION]: Utilizes lifecycle hooks in the
azure.yamlfile to execute shell commands during the deployment process. These hooks are used for legitimate automation tasks, such as printing deployment URIs or configuring Azure Role-Based Access Control (RBAC) via theazCLI. The use of managed identities (SystemAssigned) is correctly promoted for secure service-to-service authentication. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against hardcoding secrets, recommending the use of
azd env setto manage sensitive values securely within the environment configuration rather than storing them in parameter files.
Audit Metadata