azure-cli

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Azure CLI reference skill with powerful but expected cloud-management commands, so users should treat examples as live infrastructure actions.

Install only if you intend to let an agent help with Azure administration. Use least-privilege Azure identities, confirm the active subscription and resource group, avoid production for examples, review every create/update/delete/deploy/run-command action before execution, and never expose access tokens, connection strings, or service-principal secrets in chat or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium (83% confidence)
Finding
The README includes commands that create and manage Azure resources such as resource groups and virtual machines, which can incur real cloud charges and modify live infrastructure. While this is expected for an Azure CLI skill, the absence of explicit warnings about billing, quotas, and cleanup increases the risk that users will run examples in production or paid subscriptions without understanding the consequences.

Missing User Warnings

Medium (87% confidence)
Finding
The documented workflows perform real deployments and remote command execution against Azure resources, including application deployment and VM command invocation. In context these are legitimate administrative actions, but without explicit safety guidance they can unintentionally alter production systems, deploy unreviewed code, or execute privileged commands on remote hosts.

Missing User Warnings

High (89% confidence)
Finding
The example pipes all VM IDs in a resource group directly into a deletion command, enabling bulk destructive action with no confirmation, scoping guardrails, or warning. In a copy-paste workflow, this can cause rapid accidental deletion of production infrastructure and a service outage.

Missing User Warnings

Medium (80% confidence)
Finding
Describing a cleanup script as removing unused resources without explaining deletion scope, selection criteria, or safety checks encourages execution of potentially destructive automation. Users may run it assuming it is safe, leading to unintended deletion of billable or business-critical resources.

Missing User Warnings

Medium (91% confidence)
Finding
The reference includes destructive commands such as resource-group deletion, including a variant that suppresses confirmation with `--yes --no-wait`, but provides no safety guidance or warning text. In an agent skill context, exposing irreversible cloud-destruction commands as plain examples increases the chance an automation or user copies them into production without adequate validation.

Missing User Warnings

Medium (86% confidence)
Finding
The reference documents token and credential-related commands such as `az account get-access-token` without any warning about secret handling, output exposure, storage, or least-privilege use. In an agent-accessible skill, this can normalize retrieving sensitive tokens and increase the risk of accidental disclosure in logs, transcripts, or downstream tooling.

VirusTotal

64/64 vendors flagged this skill as clean.
