azure-app-configuration

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill performs network requests to fetch documentation from 'learn.microsoft.com'. As these requests target the vendor's official documentation and do not transmit sensitive local data, they are considered safe.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests and processes external content from documentation URLs which represents a potential attack surface.
  • Ingestion points: Remote documentation content is retrieved via 'mcp_microsoftdocs:microsoft_docs_fetch' or 'fetch_webpage' as described in the compatibility and 'How to Use' sections of 'SKILL.md'.
  • Boundary markers: There are no explicit instructions or delimiters defined to separate the fetched content from the agent's core instructions.
  • Capability inventory: The skill is primarily informational and does not include scripts or commands for local file modification, shell execution, or system changes.
  • Sanitization: The skill does not specify any sanitization or validation of the fetched markdown content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 07:09 AM
Security Audit — agent-trust-hub — azure-app-configuration