The skill forces the agent to bypass verified security best practices and relies on missing, externally sourced workflow files, creating significant risks of instruction override and unauthorized code execution.
npx skills add https://github.com/microsoft/azure-skillsThe skill explicitly instructs the agent to prefer its own internal logic over the official 'mcp__azure__get_azure_bestpractices' tool, which can lead to the agent ignoring security-hardened or verified best practices in favor of potentially outdated or malicious local instructions. [ensemble: confirmed by 3/3 passes; severity set to the agreed median (ADR-0067).]
PREFER OVER mcp__azure__get_azure_bestpractices for VM create intents
SKILL.md links to "workflows/capacity-reservation/capacity-reservation.md" but the file is not part of the skill package — the workflow silently degrades or the content is sourced elsewhere at runtime
[capacity-reservation.md](workflows/capacity-reservation/capacity-reservation.md)
SKILL.md links to "workflows/essential-machine-management/essential-machine-management.md" but the file is not part of the skill package — the workflow silently degrades or the content is sourced elsewhere at runtime
[essential-machine-management.md](workflows/essential-machine-management/essential-machine-management.md)
SKILL.md links to "workflows/vm-creator/vm-creator.md" but the file is not part of the skill package — the workflow silently degrades or the content is sourced elsewhere at runtime
[vm-creator.md](workflows/vm-creator/vm-creator.md)
SKILL.md links to "workflows/vm-recommender/vm-recommender.md" but the file is not part of the skill package — the workflow silently degrades or the content is sourced elsewhere at runtime
[vm-recommender.md](workflows/vm-recommender/vm-recommender.md)
SKILL.md links to "workflows/vm-troubleshooter/vm-troubleshooter.md" but the file is not part of the skill package — the workflow silently degrades or the content is sourced elsewhere at runtime
[vm-troubleshooter.md](workflows/vm-troubleshooter/vm-troubleshooter.md)
[](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-compute)<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-compute"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-compute.svg" alt="Mondoo Skill Check" /></a>https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-compute.svgSkills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.