azure-deployment-environments

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation from Microsoft's official domain (learn.microsoft.com) using tools like mcp_microsoftdocs or fetch_webpage. This behavior is consistent with the skill's purpose as a documentation assistant.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from remote URLs, which represents a potential surface for indirect prompt injection.
  • Ingestion points: Documentation content retrieved from learn.microsoft.com via microsoft_docs_fetch and fetch_webpage.
  • Boundary markers: No explicit delimiters or warnings to ignore embedded instructions are provided in the instructions.
  • Capability inventory: The skill is primarily informational and lacks dangerous local capabilities such as file system writing or arbitrary command execution.
  • Sanitization: No sanitization of the remote content is specified.
  • [REMOTE_CODE_EXECUTION]: The skill suggests installing the mcp_microsoftdocs tool from the author's official GitHub repository (github.com/MicrosoftDocs/mcp). This is a legitimate tool recommendation for enhancing the skill's capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 07:10 PM
Security Audit — agent-trust-hub — azure-deployment-environments