Azure Resource Lookup

Name: azure-skills/azure-resource-lookup
Author: microsoft

View on GitHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

The Azure Resource Lookup skill allows arbitrary shell command injection through unsanitized user intent

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

Azure Resource Lookup: List, find, and discover Azure resources of any type across subscriptions and resource groups. Use Azure Resource Graph (ARG) for fast, cross-cutting queries when dedicated MCP tools don't cover the resource type.

Actually does

The skill primarily uses `extension_cli_generate` to construct and execute `az graph query` commands against Azure Resource Graph (ARG) to retrieve metadata about Azure resources. It also leverages `mcp_azure_mcp_subscription_list` and `mcp_azure_mcp_group_list` to scope queries, and can route to other specific `az` CLI commands for single-resource-type lookups when full coverage is available.

Threat Analysis

AI Agent Traps ↗Scanned 4/14/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction2 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namemicrosoft/azure-skills/azure-resource-lookup

Registrygithub

Version3d8788273dee

PURLpkg:github/microsoft/azure-skills@3d8788273dee?skill=azure-resource-lookup

Stars633

Installs174,500

Source

Repository ↗SKILL.md ↗

SHA-256aa7ee717fbe8...

SHA-1b529ff60af0c...

MD54066841408b9...

TLSHe6b143478da6...

ssdeep96:QWh4D4T92...

Size5,216 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/microsoft/azure-skills/tree/main/skills/azure-resource-lookup

174,500 installs

Claude CodeDocs

/plugin marketplace add microsoft/azure-skills

/plugin install azure-resource-lookup@microsoft/azure-skills

Gemini CLIDocs

gemini extensions install https://github.com/microsoft/azure-skills.git --consent

Skills.shDocs

npx skills add https://github.com/microsoft/azure-skills --skill azure-resource-lookup

Assessments (1)

AI Agent Traps ↗

Command Injection via extension_cli_generatecriticalcommand execution, prompt injection

The skill uses `extension_cli_generate` to convert user `intent` into `az` CLI commands. If the user's request within the `intent` is not properly sanitized, it could lead to arbitrary shell command injection.

90% confidence

mcp_azure_mcp_extension_cli_generate
  intent: "query Azure Resource Graph to <user's request>"
  cli-type: "az"

Potential Data Exfiltrationhighdata exfiltration

If command injection is possible through the `extension_cli_generate` tool, an attacker could leverage it to exfiltrate sensitive data from the agent's execution environment.

80% confidenceline 85

az graph query -q "<KQL>" --query "data[].{name:name, type:type, rg:resourceGroup}" -o table

Dependencies (1)

azure.claude-plugin/marketplace.jsonnot scanned

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-lookup.svg)](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-resource-lookup)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-resource-lookup"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-lookup.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-lookup.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow