Security risk report for @forgecat/microsoft-azure_skills-azure-storage v0.0.4
Source Integrity
Low
Profile is sourced from Microsoft's official azure-skills repository (https://github.com/microsoft/azure-skills) with clear attribution and MIT license.
Content is well-documented, references official Microsoft Learn documentation, and follows established Azure SDK patterns.
No suspicious external URLs, typosquatted packages, or attacker-controlled dependencies are present.
Agent Intent
Low
Profile contains only educational documentation about Azure Storage services, SDK usage, and authentication best practices—no instructions to manipulate the AI agent.
All code examples are standard, legitimate Azure SDK patterns from Microsoft's official documentation; no prompt injection, role hijacking, or system prompt leakage attempts.
Security guidance (e.g., preferring managed identities, avoiding DefaultAzureCredential in production) strengthens rather than weakens security posture.
Details
Evidence
auth-best-practices.md explicitly states 'Use managed identities and Azure RBAC in production. Reserve DefaultAzureCredential for local development only.'
All SDK quick-start examples reference official Microsoft packages (azure-storage-blob, azure-identity, etc.) with no obfuscation or hidden instructions.
Profile description and skill metadata accurately describe the service scope (blob, queue, file, table, data lake) with clear DO NOT USE boundaries.
Permissions
Low
Profile declares no tools, hooks, or MCP servers—it is purely educational documentation with code examples.
No file_write, file_delete, shell, or other high-risk operations are requested or implied.
Guidance is limited to explaining Azure Storage concepts and SDK usage patterns without demanding agent authority.
Details
Evidence
Profile metadata shows 'Dependencies: None' and no MCP server definitions are present.
Content is read-only reference material (markdown, code snippets, tables) with no executable directives.
MCP Risk
Low
No MCP servers are defined in the profile; the SKILL.md references a hypothetical `azure__storage` MCP server only as documentation of what would be available if Azure MCP were enabled.
The profile explicitly provides CLI fallback commands (az storage blob, az storage queue, etc.) as an alternative when MCP is not available.
No hidden instructions, arbitrary binary execution, or unrestricted network/filesystem access are present.
Details
Evidence
SKILL.md states 'When Azure MCP is enabled:' followed by conditional documentation; no actual MCP server configuration is embedded.
CLI fallback section provides transparent, standard Azure CLI commands with clear parameter placeholders (ACCOUNT, CONTAINER, BLOB, LOCAL_PATH).