hosted-agents-v2-py

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
Full Analysis
  • [Secure Authentication Patterns]: The skill correctly implements DefaultAzureCredential, which leverages managed identities and token-based authentication. This approach avoids the risks associated with managing and storing long-lived service principal secrets or API keys.
  • [Official Dependency Usage]: The skill references established packages (azure-ai-projects, azure-identity) from the vendor's official distribution channels, supporting a verified supply chain for agent development.
  • [Indirect Prompt Injection Surface]: The agents created using this skill can be configured with capabilities like file_search and MCP tool integration. As these features allow agents to process external or untrusted data, developers should consider implementing prompt boundary markers or validation logic to mitigate potential indirect prompt injection during runtime.
  • [Secret Management Best Practices]: The documentation explicitly identifies hardcoded credentials as an anti-pattern and provides clear guidance on using environment variables or secure vaults for sensitive configuration, reducing the likelihood of accidental credential exposure.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 03:57 PM