Azure AI Gateway

Name: azure-skills/azure-aigateway
Author: microsoft

Share on X Share on LinkedIn Share on Bluesky

40Medium

The skill exposes Azure API Management subscription keys in plain text within shell commands, risking credential compromise.

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

Azure AI Gateway: Configure Azure API Management (APIM) as an AI Gateway for governing AI models, MCP tools, and agents.

Actually does

The skill uses Azure CLI (`az`) to interact with Azure API Management (APIM) and Azure Cognitive Services. It retrieves APIM gateway URLs, lists AI backends, and fetches subscription keys. It can also create APIM backends for Azure OpenAI services, assign necessary roles, and uses `curl` to test the configured AI gateway by making requests to an OpenAI deployment.

Threat Analysis

AI Agent Traps ↗Scanned 4/14/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namemicrosoft/azure-skills/azure-aigateway

Registrygithub

Version3d8788273dee

PURLpkg:github/microsoft/azure-skills@3d8788273dee?skill=azure-aigateway

Stars849

Installs292,500

Source

Repository ↗SKILL.md ↗

SHA-25620f92e14cecb...

SHA-166bcb12bf09e...

MD5a37254496fea...

TLSHe5a193089a62...

ssdeep96:o+PPvHyXW...

Size5,029 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/microsoft/azure-skills/tree/main/skills/azure-aigateway

292,500 installs

Claude CodeDocs

/plugin marketplace add microsoft/azure-skills

/plugin install azure-aigateway@microsoft/azure-skills

Gemini CLIDocs

gemini extensions install https://github.com/microsoft/azure-skills.git --consent

Skills.shDocs

npx skills add https://github.com/microsoft/azure-skills

Assessments (1)

AI Agent Traps ↗

Exposure of Azure API Management subscription keysmediumcredential theft

The skill demonstrates retrieving and using Azure API Management subscription keys in plain text within shell commands. This practice can expose sensitive credentials if the execution environment is compromised or if command history/logs are accessible.

80% confidenceline 45

az apim subscription keys list ...\ncurl ... -H "Ocp-Apim-Subscription-Key: <key>"

Version History (2)

eb84d07b549070High5/4/2026 3d8788273deecurrent40Medium4/14/2026

Dependencies (1)

azure.claude-plugin/marketplace.jsonnot scanned

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-aigateway.svg)](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-aigateway)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-aigateway"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-aigateway.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-aigateway.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow