azd-deployment
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: Analysis of the skill body and metadata reveals no malicious patterns, unauthorized credential access, or obfuscation. The documented processes align with official Microsoft Azure guidelines.
- [PROMPT_INJECTION]: The skill documents the use of shell hooks (preprovision, postprovision) in the azure.yaml file, which represents a surface for indirect prompt injection. However, this is an intended feature of the deployment tool and its inclusion is for legitimate purposes.
- Ingestion points: Local project configuration files including azure.yaml and Bicep infrastructure-as-code templates.
- Boundary markers: Standard tool-defined execution boundaries are used, with no specific delimiters provided in the documentation.
- Capability inventory: The workflow utilizes the azd and az CLI tools for resource provisioning, role-based access control, and application deployment.
- Sanitization: The skill promotes security by advising users to manage secrets via environment variables using the azd env set command instead of hardcoding them in configuration files.
Audit Metadata