Trust Assessment
pulumi-arm-to-pulumi received a trust score of 92/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 1 medium, and 1 low severity. The findings are "Unnecessary Azure Credential Requirement" and "Unsafe Shell Command Construction Template".
The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, manifest_analysis, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 8, 2026 (commit 3230a42d). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unnecessary Azure Credential Requirement. The skill workflow mandates 'Verify Azure Credentials' and `az login` as the first step for all operations, including static ARM template conversion. This violates the Principle of Least Privilege by requiring and exposing cloud credentials for tasks that can be performed offline (static code analysis and translation). Modify the workflow to make Azure login conditional, required only when the user explicitly requests 'Importing Existing Resources' or when dynamic validation against the Azure API is necessary. | Unknown | SKILL.md:60 |
| LOW | Unsafe Shell Command Construction Template. The skill provides a shell command template that suggests concatenating user-provided environment names (`{org}/{project}/{environment}`) directly into a shell command string. If the agent substitutes unsanitized user input into this template, it creates a command injection vulnerability (e.g., if the environment name contains semicolons or shell operators). Update the instruction to explicitly warn the agent to validate or sanitize the `{org}/{project}/{environment}` input for shell metacharacters before execution, or suggest using an execution tool that accepts arguments as an array. | Unknown | SKILL.md:70 |