Skills
skills/microsoft/azure-skills/azure-hosted-copilot-sdk/Gen Agent Trust Hub

azure-hosted-copilot-sdk

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • Trusted Resource Integration: The skill utilizes project templates from the azure-samples GitHub organization and references tools from well-known services. These resources are used to scaffold the necessary infrastructure and are sourced from established, trusted environments.
  • Secure Credential Orchestration: The workflow involves retrieving authentication tokens using the GitHub CLI (gh auth token) to facilitate service integration. The skill includes detailed guidance and code patterns for managing these tokens using Azure-native security features like Managed Identity and Azure RBAC, which helps prevent the exposure of sensitive secrets.
  • Dynamic Workspace Detection: The skill analyzes project metadata and source files to identify the presence of the Copilot SDK. This ensures that the agent applies the correct deployment and modification logic based on the specific requirements of the user's codebase.
  • Remote Package Execution: The instructions include the use of npx to execute utility tools from the Upstash registry. This is a common pattern for accessing up-to-date development tools from well-known providers.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 10:09 PM