azure-resource-availability
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing shell commands via the Azure CLI (`az`) and `jq` to query resource availability and metadata. These commands are executed in the host environment and perform operations such as listing SKUs and checking quotas.
- [DATA_EXFILTRATION]: The skill queries subscription-level metadata, including quota usage, resource availability, and provider registration status. While this is the intended functionality, it involves accessing potentially sensitive configuration and usage data from the Azure environment.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection and command injection through its data ingestion process. It extracts variables from external files and user input to construct shell commands.
  - Ingestion points: The skill parses `template.json`, `requirements.json`, and direct user input to extract values for `{region}`, `{sku_name}`, `{namespace}`, and `{resourceType}`.
  - Boundary markers: Absent. The instructions do not provide delimiters or instructions to the agent to treat input data as non-executable content.
  - Capability inventory: The skill uses shell subprocess calls to execute `az` and `jq` commands based on interpolated variables.
  - Sanitization: Absent. The skill does not specify any validation, filtering, or escaping of the strings parsed from input files before they are used as arguments in shell commands.
Audit Metadata