70High
The skill is vulnerable to path traversal
Behavior Analysis
Description verified — behavior matches claim
Claims to do
Azure Cloud Migrate: > This skill handles **assessment and code migration** of existing cloud workloads to Azure.
Actually does
The skill creates a new directory (`<source-folder>-azure/`), analyzes source code/configuration from a provided source folder, and generates an assessment report. It then converts code and configuration based on scenario-specific guides (e.g., AWS Lambda to Azure Functions, GCP Cloud Run to Azure Container Apps). It uses `mcp_azure_mcp_get_bestpractices` and `mcp_azure_mcp_documentation` tools for guidance and documentation.
Skill Info
Namemicrosoft/azure-skills/azure-cloud-migrate
Registrygithub
Version3d8788273dee
PURLpkg:github/microsoft/azure-skills@3d8788273dee?skill=azure-cloud-migrate
Stars849
Installs292,800
Source
SHA-2567ab049bcb77f...
SHA-10103fd70060f...
MD540688da77861...
TLSH4141110e7a52...
Size2,249 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
GitHub
https://github.com/microsoft/azure-skills/tree/main/skills/azure-cloud-migrate292,800 installs
Claude CodeDocs
/plugin marketplace add microsoft/azure-skills/plugin install azure-cloud-migrate@microsoft/azure-skills
Gemini CLIDocs
gemini extensions install https://github.com/microsoft/azure-skills.git --consent
Skills.shDocs
npx skills add https://github.com/microsoft/azure-skillsAssessments (3)
AI Agent Traps ↗RAG poisoning via external reference fileshighrag poisoning
The skill explicitly loads and follows rules from multiple external Markdown reference files. If these files are compromised, an attacker could inject malicious instructions, alter migration logic, or bypass security controls.
90% confidenceline 21
Load the scenario reference and follow its rules; [global-rules](references/services/functions/global-rules.md)
Path traversal in output directory creationmediumcommand execution
The skill creates an output directory using `<source-folder>-azure/`. If `<source-folder>` is derived from untrusted input and not sanitized, an attacker could use path traversal sequences to write files outside the intended workspace.
80% confidenceline 34
All output goes to `<source-folder>-azure/` at workspace root. Never modify the source directory. Create `<source-folder>-azure/` at workspace root
Potential command execution during code conversionmediumcommand execution
The skill performs 'Convert code/config' using scenario-specific migration guides. Depending on the implementation, this process could involve executing external scripts or vulnerable templating engines, leading to arbitrary command execution.
70% confidenceline 43
Migrate — Convert code/config using scenario-specific migration guide
Systemic risk from inter-agent hand-offmediumsub agent spawning
The skill explicitly hands off control to another skill, `azure-prepare`. If `azure-prepare` is compromised or manipulated, it could lead to cascading failures or unauthorized actions leveraging its capabilities.
90% confidenceline 45
Hand off to azure-prepare for infrastructure, testing, and deployment
Version History (2)
Dependencies (1)
azure.claude-plugin/marketplace.jsonnot scanned
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-cloud-migrate)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-cloud-migrate"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-cloud-migrate.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-cloud-migrate.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow