azure-finops
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation defines several Azure CLI (az) and Resource Graph queries used to list subscriptions, reservations, and identify orphaned resources (disks, public IPs, and VMs). These are standard operations for a cloud cost optimization tool and are described as read-only.
- [PROMPT_INJECTION]: The skill features an indirect prompt injection surface (Category 8) due to the ingestion and processing of external Azure metadata into stakeholder reports.
  - Ingestion points: The skill ingests data from Azure environments via az graph query and various mcp__azure__* tools in the Workflows/ValidateCosts.md, Workflows/FindWaste.md, and Workflows/CoverageAnalysis.md workflows.
  - Boundary markers: There are no explicit delimiters or instructions to treat data from the cloud environment as untrusted or to ignore instructions embedded within resource names or metadata.
  - Capability inventory: The agent has access to system command execution via the CLI, the ability to read comprehensive cloud infrastructure data, and the capability to write local files to the Plans/ directory as described in Workflows/DraftResponse.md.
  - Sanitization: No evidence of input validation, escaping, or filtering of external resource names or tags is present before the data is used to generate executive responses.
Audit Metadata