sqldw-operations-cli
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Standard Tool Integration: The skill leverages widely-used command-line tools including
sqlcmd,azCLI, andjqto perform its primary function of database performance analysis. - Authentication Best Practices: Rather than using hardcoded credentials, the skill relies on Azure Entra ID authentication (
sqlcmd -G) and token acquisition via the officialazCLI. - Data Ingestion Surface: The skill reads diagnostic information from internal
queryinsightsviews. While this introduces an ingestion surface for external data (Category 8), the behavior is restricted to read-only monitoring views and is central to the skill's intended purpose. - Query Tracing and Observability: Instructions include the use of query labels (
OPTION (LABEL = '...')), which is a recommended practice for auditing and tracing agent-initiated database operations. - Environment Discovery: The skill uses official Microsoft Fabric REST APIs (
api.fabric.microsoft.com) to dynamically discover connection endpoints, ensuring it interacts with legitimate service infrastructure. - Operational Optimization Guidance: Suggestions for database optimization, such as clustering recommendations, are presented as guided workflows that the user or agent can execute using standard T-SQL patterns (CTAS and
sp_rename).
Audit Metadata