azure-dedicated-hsm

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches documentation content from learn.microsoft.com. This is an official domain and a well-known service for Microsoft's technical documentation.
  • [COMMAND_EXECUTION]: Instructs the agent to use mcp_microsoftdocs tools and provides an installation link to the author's official GitHub repository (github.com/MicrosoftDocs/mcp). These are legitimate vendor resources consistent with the skill's purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external URLs. While this represents a potential attack surface for indirect prompt injection, the risk is mitigated by the use of official, trusted documentation sources (learn.microsoft.com).
  • Ingestion points: URLs defined in the Category Index tables within SKILL.md.
  • Boundary markers: None identified.
  • Capability inventory: Uses fetch_webpage and mcp_microsoftdocs:microsoft_docs_fetch to retrieve external content.
  • Sanitization: None identified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 07:10 PM
Security Audit — agent-trust-hub — azure-dedicated-hsm