No references to reading ~/.ssh, ~/.aws, .env, or exfiltrating data to external hosts.
Permissions
Low
The skill is designed to execute read-only Azure Resource Graph queries via the `az graph query` CLI command.
No file write, delete, or shell mutation operations are requested; all operations are scoped to querying Azure metadata.
Authority matches the stated function: discovering and listing Azure resources without modification.
Details
Evidence
MCP tools listed are query-only: 'extension_cli_generate', 'mcp_azure_mcp_subscription_list', 'mcp_azure_mcp_group_list'.
Workflow explicitly routes to dedicated MCP tools for single-resource queries and ARG for cross-cutting read-only discovery.
Error handling and constraints reinforce read-only semantics: 'Never attempt mutations through ARG'.
MCP Risk
Low
No MCP servers are declared in the profile; the skill relies on standard Azure CLI (`az graph query`) and existing MCP tool wrappers.
The referenced tools (extension_cli_generate, subscription_list, group_list) are standard Azure query operations with no hidden instructions or arbitrary binary execution.
No unrestricted network access or full filesystem permissions are requested.
Details
Evidence
Profile declares: '(none)' for MCP servers.
Tool descriptions are transparent and limited to Azure Resource Graph query generation and subscription/resource group enumeration.
All operations are scoped to Azure metadata queries with explicit constraints on scope and output.