Security risk report for @forgecat/microsoft-azure_skills-azure-ai v0.0.4
Source Integrity
Low
Profile is sourced from Microsoft's official azure-skills repository (https://github.com/microsoft/azure-skills) with MIT license.
All content is documented as condensed SDK references and best practices from official Microsoft Azure documentation and client libraries.
No suspicious or untrusted external dependencies; references point to legitimate Microsoft Learn documentation and official Azure SDK packages.
Agent Intent
Low
Content is purely educational and reference material — SDK quick starts, authentication best practices, and service capability documentation.
No instructions to manipulate the AI, ignore system prompts, exfiltrate data, or perform unauthorized actions.
Auth best practices document explicitly recommends security-first patterns (managed identities, RBAC, no hardcoded secrets) and warns against insecure practices — this is guidance poisoning prevention, not poisoning.
Details
Evidence
auth-best-practices.md: 'Use managed identities and Azure RBAC in production. Reserve DefaultAzureCredential for local development only.'
Security Checklist: 'Never hardcode credentials, connection strings, or keys' and 'Store any required secrets in Azure Key Vault'
All SDK references are condensed documentation with standard, well-known Azure client library patterns — no backdoored code or typosquatted packages.
Permissions
Low
No tools or MCP servers are declared in this profile; it is purely documentation and reference material.
No shell, file write, file delete, or other high-risk operations are requested or configured.
Content describes legitimate Azure service capabilities (search, speech, document intelligence, content safety) without requesting excessive or unrelated permissions.
Details
Evidence
Profile declares 'Dependencies: None' and no MCP servers or tool definitions are present.
All references are to standard Azure SDK client libraries and official Microsoft services.
No alwaysApply rules, glob patterns, or permission escalation mechanisms are defined.
MCP Risk
Low
No MCP servers are defined or configured in this profile.
Content is static documentation and SDK reference guides with no executable payloads or server definitions.
No hidden instructions, arbitrary binary execution, or unrestricted network/filesystem access is present.
Details
Evidence
Profile metadata shows 'MCP servers: (none)' — no MCP server definitions are included.
All content is markdown documentation referencing legitimate, publicly available Azure SDK packages and Microsoft Learn documentation.