azure-container-apps

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill exclusively uses official Azure CLI (az) commands for cloud resource management, which is appropriate for its stated purpose.
  • [SAFE]: External images are pulled from mcr.microsoft.com, a well-known and trusted source.
  • [SAFE]: The skill handles sensitive data using placeholders like <WORKSPACE_ID> and secret-value, preventing hardcoded credential exposure.
  • [COMMAND_EXECUTION]: The skill generates shell commands to interact with Azure services. While powerful, this is the intended function for a deployment skill.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by interpolating user-provided inputs into shell commands.
    • Ingestion points: Command-line arguments and YAML values in SKILL.md.
    • Boundary markers: Not present.
    • Capability inventory: Modification of Azure infrastructure via subprocess execution of the az CLI.
    • Sanitization: No input validation is implemented in the provided templates.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 15, 2026, 11:08 AM