azure-prepare
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- Strong Security Posture: The skill documentation and generated artifacts consistently prioritize security best practices, including the use of Azure Key Vault for secrets, Managed Identities for service-to-service authentication, and Entra-only authentication for SQL databases.
- Vendor-Owned Resources: All external resources, including download URLs (e.g., aka.ms), documentation links, and container images, originate from official Microsoft domains or repositories, ensuring a trusted chain of custody.
- Automated Permission Management: Included scripts for granting database access (
grant-sql-access.sh/ps1) are designed for legitimate automation of data-plane permissions using standard Azure CLI tools and identity-based authentication. - Comprehensive Environment Hardening: The skill includes detailed guidance for runtime-specific security settings, such as configuring 'trust proxy' for Node.js apps behind load balancers and enforcing TLS 1.2+ for all services.
Audit Metadata