microsoft-foundry
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- Ingestion of Untrusted Data: The skill includes workflows for analyzing production traces and evaluation results from Application Insights. While this is necessary for observability and optimization, it involves processing data generated by external users or agent interactions.
  - Ingestion points: Data is retrieved via monitor_resource_log_query from Application Insights (e.g., foundry-agent/trace/trace.md).
  - Boundary markers: The skill relies on structured KQL queries to isolate specific GenAI attributes but does not explicitly define prompt boundary markers for all processed text.
  - Capability inventory: The skill can perform significant operations including model deployment, agent updates via agent_update, and container management via Docker and Azure CLI (e.g., foundry-agent/deploy/deploy.md).
  - Sanitization: The skill performs schema-based extraction of queries and responses for clustering and analysis (e.g., foundry-agent/observe/references/analyze-results.md).
- External Content Retrieval: The skill automates the downloading of agent samples and templates from official Microsoft repositories on GitHub. Evidence: The create.md file uses curl and the GitHub API to fetch files from the microsoft-foundry/foundry-samples repository. This is a standard feature for bootstrapping new projects with official templates.
- Resource Management Operations: The skill utilizes the Azure CLI (az) and MCP tools for control-plane operations such as creating resources, managing quotas, and deploying models. Evidence: Files like quota.md and deploy.md document extensive use of az cognitiveservices commands. These operations are governed by Azure RBAC and are intended for authorized developer use.