This skill allows command injection, data exfiltration,
Claims to do
Azure Data Explorer (Kusto) Query & Analytics: Execute KQL queries and manage Azure Data Explorer resources for fast, scalable big data analytics on log, telemetry, and time series data.
Actually does
This skill primarily uses `kusto_cluster_list`, `kusto_database_list`, `kusto_query`, and `kusto_table_schema_get` to interact with Azure Data Explorer. It executes KQL queries against specified Kusto databases to retrieve and analyze log, telemetry, and time series data. As a fallback, it can use Azure CLI commands (`az kusto` and `az rest`) to list resources and execute KQL queries against Kusto cluster REST API endpoints.
The skill explicitly defines a fallback mechanism to Azure CLI commands, including `az rest` for arbitrary HTTP POST requests and `az kusto` for resource management. This capability could be exploited for command injection, data exfiltration to attacker-controlled endpoints, Server-Side Request Forgery (SSRF) via `az rest`, or unauthorized manipulation of Azure Kusto resources if parameters are not strictly controlled.
`az rest --method post ... --url "https://<cluster>.<region>.kusto.windows.net/v1/rest/query" ...` and `az kusto cluster list --resource-group <rg-name>`
KQL queries, especially complex or broad ones, can consume significant computational resources on the Azure Data Explorer cluster, potentially leading to high CPU usage, timeouts, or denial of service if maliciously crafted. The skill itself acknowledges this risk.
Common Issues - High CPU Usage: Query too broad - add filters, reduce time range, limit aggregations
The skill provides multiple tools (`kusto_cluster_list`, `kusto_database_list`) and fallback Azure CLI commands to list and discover Azure Data Explorer clusters and databases. This capability, while intended, can be used for extensive reconnaissance of an Azure environment if misused.
`kusto_cluster_list`, `kusto_database_list`, `az kusto cluster list`, `az kusto database list`
The primary function of this skill is to execute KQL queries to retrieve data from Azure Data Explorer. If an attacker can inject or manipulate the KQL query, sensitive data could be exfiltrated from the database.
Key capabilities: Query Execution: Run KQL queries against massive datasets. Query results include: Columns, Rows
Mondoo Skill Check: https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-kusto