Skills
skills/thinkfleetai/thinkfleet-engine/azure-service-bus/Gen Agent Trust Hub

azure-service-bus

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill includes a specific command to retrieve the 'RootManageSharedAccessKey' primary connection string via the Azure CLI. This key grants full administrative control over the Service Bus namespace, and its retrieval exposes sensitive credentials to the agent's output and logs.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through message processing.
  • Ingestion points: Untrusted data enters the agent context via the az servicebus queue peek command which retrieves message bodies from external queues.
  • Boundary markers: The skill lacks delimiters or explicit instructions to the agent to ignore or isolate embedded commands within the retrieved message bodies.
  • Capability inventory: The skill performs system-level operations using az and jq binaries.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the message content before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill executes shell commands using the az (Azure CLI) and jq utilities. While these are standard tools, the execution of commands that retrieve secrets or process external data requires strict environment controls.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 1, 2026, 05:13 AM