Azure Resource Visualizer
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions include standard Azure CLI (
az) and PowerShell commands to query infrastructure metadata. These operations are limited to read-only resource listing and description which is appropriate for visualization tasks. - [DATA_EXFILTRATION]: Resource metadata is processed locally to generate text-based diagrams (Mermaid, PlantUML). No evidence was found of unauthorized network transmission or exfiltration of sensitive configuration data to unknown external domains.
- [PROMPT_INJECTION]: No malicious instruction override patterns, role-play injections, or attempts to extract system prompts were detected in the skill's instructions or metadata.
- [REMOTE_CODE_EXECUTION]: The provided Node.js and PowerShell scripts operate on local files and CLI outputs. They do not download or execute code from remote sources or use unsafe execution patterns like
eval()on untrusted data. - [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted services such as Mermaid.js, PlantUML, and official Microsoft Azure documentation for user reference. No automated or hidden downloads are performed.
Audit Metadata