create-azure-agent

Pass

Audited by Gen Agent Trust Hub on May 24, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill facilitates secure deployment by generating code that uses os.environ.get for the project connection string and DefaultAzureCredential for authentication, avoiding the risk of hardcoded secrets.
  • [SAFE]: Proactive security testing is integrated via evals/evals.json, which includes test cases for name injection and restricted directory access to ensure the agent handles malicious or erroneous inputs correctly.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because its core function involves processing and wrapping external, untrusted skill definitions into a new deployment.
      • Ingestion points: The scripts/scaffold_azure_agent.py script reads the contents of a target SKILL.md file from a user-provided directory path.
      • Boundary markers: The generation logic does not currently enclose the imported instructions within dedicated boundary markers or include directives to ignore embedded instructions in the generated agent.
      • Capability inventory: The skill employs the Bash tool to execute the scaffolding script and has Write and Read permissions to create the deployment directory structure.
      • Sanitization: The script performs direct string formatting without validating or sanitizing the content of the source SKILL.md file before it is embedded in the generated Python integration script.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 24, 2026, 08:27 AM