infra-engineer
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill uses a piped-to-shell pattern to download and execute code from a remote source. Evidence:
curl -L https://aka.ms/InstallAzureCli | bash. This allows the remote server to execute arbitrary commands on the system. Although the domain is owned by Microsoft, it is not within the strictly defined 'Trusted External Sources' (GitHub organizations) or whitelisted domains provided in the security guidelines, and the execution method is inherently unsafe. \n- [COMMAND_EXECUTION] (HIGH): The skill executes arbitrary shell scripts via bash, bypassing standard security reviews and integrity checks associated with package managers.
Recommendations
- CRITICAL: Downloads and executes remote code from untrusted source(s): https://aka.ms/InstallAzureCli - DO NOT USE
- AI detected serious security threats
Audit Metadata