detecting-azure-lateral-movement
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a well-documented and legitimate security utility for cloud-based threat hunting.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill retrieves sensitive logs from Microsoft Graph API. All network communication is directed to trusted Microsoft endpoints (login.microsoftonline.com and graph.microsoft.com). No exfiltration to unauthorized domains or hardcoded credentials were detected. Credentials for the script are provided via CLI arguments, which is a standard and secure practice.
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping downloads to a shell or using dangerous functions like eval(), were found. The skill uses the standard requests library for HTTP communication.
- [INDIRECT_PROMPT_INJECTION]: The script processes external log data which could technically be influenced by an attacker. However, the risk is negligible as it is a reporting tool.
- Ingestion points: Azure AD audit and sign-in logs retrieved in
scripts/agent.pyvia Microsoft Graph API. - Boundary markers: The output is structured as JSON but does not contain explicit prompt delimiters or security warnings for downstream LLMs.
- Capability inventory: The script performs file-write operations to save detection reports locally.
- Sanitization: Data is safely serialized using standard JSON encoding.
- [DYNAMIC_CONTEXT_INJECTION]: No usage of dynamic context injection syntax (e.g., shell command execution at load time) was detected in the skill's instructions.
Audit Metadata