v0.84.0

agent-bom discover azure

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 1:55 AM.

Analysis

The skill is a coherent Azure inventory workflow that discloses its read-only Azure credential use, but users should still review the credential scope and external agent-bom dependency before running it.

Guidance: Use a least-privilege Azure read-only identity, set the subscription scope deliberately, do not paste secrets, install agent-bom from a trusted source, and treat the generated inventory JSON as sensitive before sharing it.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: Medium. Status: Note.
SKILL.md
Requires Python 3.11+, agent-bom installed from this repository or PyPI ... python examples/operator_pull/azure_inventory_adapter.py

The workflow relies on external agent-bom code and an example adapter path rather than code included in this skill artifact.

User impact: Users need to trust the external package or repository they install before running the inventory adapter.
Recommendation: Install agent-bom only from the referenced official repository or PyPI package, and review or pin the version before using it with Azure credentials.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Note.
SKILL.md
credentials: azure-read-only ... file_reads: - "~/.azure/azureProfile.json" - "~/.azure/config" - "~/.azure/msal_token_cache.json"

The skill explicitly uses the operator's Azure identity chain and local Azure profile/token cache files to perform read-only discovery.

User impact: The skill can enumerate Azure resources visible to the selected identity, so an overprivileged identity could expose a broad cloud inventory.
Recommendation: Run it only with an operator-approved, least-privilege read-only Azure identity and restrict the subscription ID to the intended scope.