azure-resource-manager-mysql-dotnet
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it instructs the agent to process untrusted data (like server or database names) and use them in sensitive Azure API calls.
- Ingestion points: Resource names for servers, databases, and firewall rules provided by users or external configurations in SKILL.md.
- Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within user-provided names.
- Capability inventory: High-impact actions including DeleteAsync, CreateOrUpdateAsync (for servers and firewall rules), UpdateAsync (for scaling), and StopAsync/StartAsync in SKILL.md.
- Sanitization: No sanitization or validation logic is present to ensure input names do not contain malicious instructions.
- [CREDENTIALS_UNSAFE]: The skill uses clear placeholder credentials (e.g., 'YourSecurePassword123!') in its code snippets. While these are common documentation examples and not real secrets, users should be reminded to use secure secret management like Azure Key Vault or Environment Variables in production.
- [EXTERNAL_DOWNLOADS]: Fetches official libraries from NuGet (Azure.ResourceManager.MySql, Azure.Identity) and references documentation from Microsoft's official domains and GitHub repositories.
Audit Metadata