azure-cost-management-app
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements browser automation for a specific, legitimate administrative workflow in Power BI. It does not attempt to access local sensitive files or exfiltrate data to unauthorized domains.
- [SAFE]: The instructions include a manual verification step for the user to confirm the app publisher is 'Microsoft Corporation' in the AppSource gallery, which serves as a mitigation against potential supply chain or indirect injection attacks from third-party published apps.
- [SAFE]: Authentication is performed via standard OAuth2 browser popups, and the skill explicitly instructs the agent to wait for the user to complete this step manually outside of the automated session, maintaining secure credential handling.
Audit Metadata