Azure Resource Visualizer - Architecture Diagram Generator

Name: azure-skills/azure-resource-visualizer
Author: microsoft

Share on X Share on LinkedIn Share on Bluesky

40Medium

The skill enables direct command execution via Azure CLI, posing a risk for arbitrary command execution if the agent's environment is not properly sandboxed.

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

Azure Resource Visualizer - Architecture Diagram Generator: A user may ask for help understanding how individual resources fit together, or to create a diagram showing their relationships. Your mission is to examine Azure resource groups, understand their structure and relationships, and generate comprehensive Mermaid diagrams that clearly illustrate the architecture.

Actually does

The skill uses Azure CLI (`az`) and Microsoft Copilot Platform (MCP) intents to list Azure resource groups, query all resources within a selected group, and analyze their configurations and interdependencies. It then generates a detailed Mermaid architecture diagram and embeds it into a markdown file, which also includes a resource inventory, summary, and relationship explanations.

Threat Analysis

AI Agent Traps ↗Scanned 5/4/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namemicrosoft/azure-skills/azure-resource-visualizer

Registrygithub

Versioneb84d07b5490

PURLpkg:github/microsoft/azure-skills@eb84d07b5490?skill=azure-resource-visualizer

Stars849

Installs292,500

Source

Repository ↗SKILL.md ↗

SHA-256a0dd18d0f495...

SHA-117af7d5aea69...

MD598fdfc9cfe12...

TLSHb8026f43aa19...

ssdeep192:EvsWTdQ8...

Size8,528 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/microsoft/azure-skills

292,500 installs

Claude CodeDocs

/plugin marketplace add microsoft/azure-skills

/plugin install azure-resource-visualizer@microsoft/azure-skills

Gemini CLIDocs

gemini extensions install https://github.com/microsoft/azure-skills.git --consent

Skills.shDocs

npx skills add https://github.com/microsoft/azure-skills

Assessments (1)

AI Agent Traps ↗

Direct Azure CLI command execution capabilitymediumcommand execution

The skill explicitly instructs the agent to use the `az` (Azure CLI) command-line tool via the terminal for resource discovery and analysis. While the examples provided are for read-only operations, this capability represents a direct primitive for command execution that could be exploited for arbitrary commands if the agent's environment is not properly sandboxed or if malicious instructions are provided.

90% confidenceline 28

use `az`... `Terminal (when needed): Use Azure CLI`

Version History (2)

eb84d07b5490current40Medium5/4/2026 3d8788273dee70High4/14/2026

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-visualizer.svg)](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-resource-visualizer)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-resource-visualizer"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-visualizer.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-resource-visualizer.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow