pulumi-arm-to-pulumi

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: Detailed analysis of the skill did not reveal any malicious patterns, obfuscation, or unauthorized data access.
  • [COMMAND_EXECUTION]: The skill utilizes legitimate shell commands for Azure resource management and Pulumi operations, such as az resource show and pulumi config set. These are standard tools for the skill's stated purpose of infrastructure migration.
  • [EXTERNAL_DOWNLOADS]: All external references and documentation links point to official Microsoft (learn.microsoft.com) and Pulumi (pulumi.com) websites, which are trusted and well-known services.
  • [CREDENTIALS_UNSAFE]: The skill promotes secure credential handling by using Pulumi ESC environment variables ($ARM_CLIENT_ID, $ARM_TENANT_ID, etc.) rather than hardcoding secrets or prompting for insecure input.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 09:13 AM
Security Audit — agent-trust-hub — pulumi-arm-to-pulumi