azure-app-testing

Pass

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation from Microsoft's official documentation site (learn.microsoft.com) to provide up-to-date information to the agent.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by design, as it ingests content from external web pages.
  • Ingestion points: Documentation is retrieved from learn.microsoft.com using mcp_microsoftdocs:microsoft_docs_fetch or fetch_webpage (SKILL.md).
  • Boundary markers: There are no explicit delimiters or boundary markers defined for the fetched documentation content.
  • Capability inventory: The skill is limited to reading files and fetching web pages; it does not contain capabilities for arbitrary command execution, file system modification, or credential access.
  • Sanitization: No specific sanitization or filtering logic is mentioned for the fetched content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 22, 2026, 01:08 AM
Security Audit — agent-trust-hub — azure-app-testing