azure-monitor
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'az' (Azure CLI) and 'jq' utilities to interact with Azure Monitor services. It retrieves information like metrics, alerts, and log analytics data through specific CLI commands such as 'az monitor metrics list' and 'az monitor log-analytics query'.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests data from external Azure logs.
- Ingestion points: Output of 'az monitor log-analytics query' and 'az monitor activity-log list' as shown in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: Subprocess execution of 'az', 'jq', and 'head' for data retrieval and formatting.
- Sanitization: Absent.
- [SAFE]: The skill does not contain hardcoded credentials, malicious scripts, or data exfiltration logic. It uses placeholders for subscription and workspace IDs, ensuring sensitive information is not exposed in the code. No direct prompt injection or obfuscation patterns were identified.
Audit Metadata