Security Audit
azure-compute-batch-java
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
azure-compute-batch-java received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via Task Execution, Excessive Permissions for Batch Operations, Use of Beta Dependency Version.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Task Execution The skill demonstrates the use of `batchClient.createTask` and related methods (`createTaskCollection`, `createTasks`) which accept a command string (e.g., `"echo 'Hello World'"`) to be executed directly on Azure Batch compute nodes. If an AI agent constructs this command string from untrusted user input without proper sanitization, it could lead to arbitrary command execution on the underlying virtual machines, resulting in data exfiltration, system compromise, or resource abuse. Implement strict input validation and sanitization for any user-provided data that is incorporated into the command string passed to `createTask` or similar methods. Consider using a whitelist approach for allowed commands and arguments, or escaping all special characters to prevent shell metacharacter interpretation. Ensure tasks run with the lowest necessary privileges (e.g., `ElevationLevel.NON_ADMIN`). | LLM | SKILL.md:167 | |
| MEDIUM | Excessive Permissions for Batch Operations The skill demonstrates a wide range of powerful Azure Batch operations, including creating/deleting pools, jobs, and tasks, resizing pools, terminating jobs/tasks, and rebooting nodes. While these are legitimate functions of the SDK, the AI agent using this skill will operate with the permissions granted to its underlying identity. Misuse or compromise of this skill could lead to significant resource manipulation, cost overruns, or denial of service. Additionally, tasks can be configured to run with administrative privileges (`ElevationLevel.ADMIN`), which increases the blast radius of any command injection vulnerability. Apply the principle of least privilege to the Azure identity used by the AI agent. Grant only the minimum necessary permissions to perform its intended functions within Azure Batch. Explicitly warn users about the implications of running tasks with `ElevationLevel.ADMIN` and advise against it unless absolutely necessary, preferring `NON_ADMIN` where possible. | LLM | SKILL.md:174 | |
| INFO | Use of Beta Dependency Version The skill specifies a beta version (`1.0.0-beta.5`) for the `azure-compute-batch` dependency. Beta versions may be less stable, contain known or unknown bugs, or have security vulnerabilities that have not yet been patched, compared to stable releases. This introduces a minor supply chain risk. For production environments, it is generally recommended to use stable, officially released versions of dependencies. Monitor for the release of a stable version of `azure-compute-batch` and update the dependency accordingly. | LLM | SKILL.md:16 |
Scan History
Embed Code
[](https://skillshield.io/report/8477a7a54fbe3560)
Powered by SkillShield