apm-usage
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- Installation Resources: The skill provides installation commands that retrieve scripts from official Microsoft domains (aka.ms). This is a standard and safe distribution method for the APM tool.
- Authentication Management: The documentation outlines secure methods for managing authentication tokens using environment variables. It provides examples of per-organization setup and supports Enterprise Managed Users (EMU) and SSO, following security best practices.
- Security Governance Features: The skill includes documentation for a policy engine (apm-policy.yml) designed to audit and enforce security constraints on dependencies and MCP servers, which helps teams maintain a secure environment.
- Content Integrity: The skill emphasizes the requirement for ASCII-only source files and output, which serves as a safeguard against character-based obfuscation and homoglyph attacks.
- Tool Command Reference: The skill documents various CLI commands for managing agent packages and scripts. These commands are part of the core functionality of the Agent Package Manager.
Audit Metadata