40Medium
The skill is vulnerable to command and K
Behavior Analysis
Description verified — behavior matches claim
Claims to do
Azure Diagnostics: > **AUTHORITATIVE GUIDANCE — MANDATORY COMPLIANCE** > > This document is the **official source** for debugging and troubleshooting Azure production issues. Follow these instructions to diagnose and resolve common Azure service problems systematically.
Actually does
The skill executes Azure CLI commands to retrieve resource details, list activity logs, and query logs for Container Apps and Function Apps via App Insights. It also invokes internal `mcp_azure_mcp_applens`, `mcp_azure_mcp_monitor`, and `mcp_azure_mcp_resourcehealth` tools for AI-powered diagnostics, log/metric querying, and resource health checks, utilizing provided resource IDs, resource groups, and KQL queries.
Skill Info
Namemicrosoft/azure-skills/azure-diagnostics
Registrygithub
Versioneb84d07b5490
PURLpkg:github/microsoft/azure-skills@eb84d07b5490?skill=azure-diagnostics
Stars849
Installs293,000
Source
SHA-256eed2c6c9119c...
SHA-10bc7f6812cf0...
MD58d075dd81a5b...
TLSH64c1740abfa0...
ssdeep96:vWP0slGHA...
Size5,680 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Assessments (1)
AI Agent Traps ↗Potential command injection via Azure CLI placeholdersmediumcommand execution
The skill provides Azure CLI commands with placeholders (e.g., `RESOURCE_ID`, `RG`). If these placeholders are populated directly from unsanitized user input, it could lead to command injection, allowing arbitrary command execution.
90% confidenceline 79
az resource show --ids RESOURCE_ID
Potential KQL injection via MCP Monitor toolmediumtool poisoning
The `mcp_azure_mcp_monitor` tool accepts a `query` parameter for KQL. If this parameter is populated directly from unsanitized user input, it could allow for malicious KQL injection, leading to resource abuse or unintended data access.
90% confidenceline 114
query: "<KQL-query>"
Broad resource access via custom MCP toolslowreconnaissance
The skill defines and uses custom `mcp_azure_mcp_` tools that allow querying and diagnosing various Azure resources by `resourceId`. While intended for diagnostics, this capability grants broad access to resource information, requiring strict access controls on the agent's underlying identity.
80% confidenceline 93
mcp_azure_mcp_applens
Version History (2)
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-diagnostics)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-diagnostics"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-diagnostics.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-diagnostics.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow