azuresql-db-local-to-cloud
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFE
Full Analysis
- Container Image Reference: The skill references a specific container image from an Azure Container Registry (
sqldbpreview-dpgaeqhmgphzd4bk.azurecr.io). This is used to provide an environment that accurately mimics Azure SQL Database for local development and is consistent with the skill's stated purpose. - Local Credential Management: The instructions include example credentials for a local Docker container (
MSSQL_SA_PASSWORD=YourStr0ng_Passw0rd). These are used exclusively for local bootstrap and provisioning of the development environment. The skill correctly advises against using passwords for cloud connections, recommending Microsoft Entra ID instead. - SQL Injection Mitigation: All code examples provided (Node.js, .NET, and Python) utilize parameterized queries (e.g., using
@titleor?placeholders). This is a standard security best practice to protect against SQL injection attacks. - Authentication Best Practices: The skill explicitly guides users toward identity-based authentication (Entra ID) for cloud deployments, which is a more secure alternative to static secrets in connection strings.
Audit Metadata