azure-functions-agents

SUSPICIOUS. The skill is broadly aligned with its Azure Functions agent-building purpose and mostly uses official Microsoft/GitHub tooling, so it does not look fundamentally malicious. Risk is elevated because it asks the agent to perform real provisioning/deployment actions, handle a GitHub PAT, and potentially route data through configurable remote MCP endpoints; additionally, provenance for azurefunctions-agents-runtime was only partially verified from the provided evidence.