Azure Resource Visualizer - Architecture Diagram Generator
View on GitHub↗70High
The skill permits arbitrary Azure CLI command execution through injection due to insufficient input sanitization, despite a semantic read-
Behavior Analysis
Description verified — behavior matches claim
Claims to do
Azure Resource Visualizer - Architecture Diagram Generator: A user may ask for help understanding how individual resources fit together, or to create a diagram showing their relationships. Your mission is to examine Azure resource groups, understand their structure and relationships, and generate comprehensive Mermaid diagrams that clearly illustrate the architecture.
Actually does
This skill uses Azure CLI (`az`) and internal 'Azure MCP tools' to list Azure resource groups, query all resources within a specified group, and analyze their configurations, network settings, and dependencies. It then generates a detailed Mermaid architecture diagram and embeds it into a markdown file, along with a resource inventory and architectural summary.
Skill Info
Namemicrosoft/azure-skills/azure-resource-visualizer
Registrygithub
Version3d8788273dee
PURLpkg:github/microsoft/azure-skills@3d8788273dee?skill=azure-resource-visualizer
Stars633
Installs174,500
Source
SHA-256c5440652a595...
SHA-1cf70a6d38d2c...
MD538334408f619...
TLSH5e026043aa19...
ssdeep192:Ev+WTdQ8...
Size8,265 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
GitHub
https://github.com/microsoft/azure-skills/tree/main/skills/azure-resource-visualizer174,500 installs
Claude CodeDocs
/plugin marketplace add microsoft/azure-skills/plugin install azure-resource-visualizer@microsoft/azure-skills
Gemini CLIDocs
gemini extensions install https://github.com/microsoft/azure-skills.git --consent
Skills.shDocs
npx skills add https://github.com/microsoft/azure-skills --skill azure-resource-visualizerAssessments (2)
AI Agent Traps ↗Potential for arbitrary Azure CLI command executionhighcommand execution
The skill explicitly instructs the agent to use the `az` (Azure CLI) command-line tool for complex queries. While examples provided are read-only, the general instruction to use `az` without strict input sanitization or command whitelisting could allow for arbitrary command execution if an attacker can inject into the command string.
90% confidenceline 100
Use Azure CLI for complex queries not available via MCP Example: `az resource list --resource-group <name> --output json`
Semantic constraint (read-only) without technical enforcementinfooversight evasion
The skill explicitly states a 'read-only analysis' constraint, which is a positive guideline. However, this is a semantic instruction to the agent, not a technical enforcement, and could be bypassed by a compromised agent capable of executing arbitrary `az` commands.
70% confidenceline 115
Never Do: Modify or delete Azure resources (read-only analysis)
Dependencies (1)
azure.claude-plugin/marketplace.jsonnot scanned
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-resource-visualizer)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-resource-visualizer"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-visualizer.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-visualizer.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow