Security Audit

azure-resource-manager-redis-dotnet

github.com/sickn33/antigravity-awesome-skills

AI SkillCommit e36d6fd3b3f6

CAUTION

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

azure-resource-manager-redis-dotnet received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 1 medium, and 1 low severity. Key findings include Unpinned .NET package dependencies, Redis Access Keys exposed in examples, Broad Azure Resource Manager permissions.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 61/100, indicating areas for improvement.

Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

61%

Behavioral Risk Signals

Network Access

2 findings

Filesystem Write

2 findings

Shell Execution

1 finding

Excessive Permissions

3 findings

Security Findings4

Severity	Finding	Layer	Location
HIGH	Redis Access Keys exposed in examples The skill demonstrates retrieving highly sensitive Redis access keys (`PrimaryKey`, `SecondaryKey`) and printing them to `Console.WriteLine` or using them directly in a connection string. While this is for demonstration, in a real-world scenario, logging or exposing these keys can lead to full data plane access to the Redis cache, allowing data exfiltration or manipulation. An attacker could potentially prompt the LLM to execute code that logs these keys or passes them to an external service. Advise users to handle Redis access keys with extreme care. Avoid logging them or printing them to standard output. Store them securely (e.g., Azure Key Vault) and retrieve them only when needed for connection. Ensure that any LLM interaction that involves these keys is strictly controlled and audited.	LLM	SKILL.md:128
HIGH	Data exfiltration vector via Redis export to arbitrary storage The skill demonstrates the ability to export Redis data to an arbitrary blob storage container, potentially specified by a URL that includes a Shared Access Signature (SAS) token. If an attacker can manipulate the skill's input to specify an attacker-controlled storage account URL, they could exfiltrate sensitive data stored in the Redis cache. The skill also has the capability to retrieve the Redis access keys, which would allow it to connect to the Redis instance and initiate such an export. Implement strict validation and allow-listing for target storage account URLs and SAS tokens used in export operations. Ensure that the skill cannot be prompted to export data to arbitrary, untrusted destinations. Consider restricting export functionality to pre-approved storage accounts or requiring explicit user confirmation for any export operation.	LLM	SKILL.md:190
MEDIUM	Broad Azure Resource Manager permissions The skill is designed to perform management plane operations on Azure Redis caches, including creation, deletion, updates, firewall rule management, and key regeneration. These operations require significant permissions (e.g., `Microsoft.Cache/redis/write`, `Microsoft.Cache/redis/delete`, `Microsoft.Cache/redis/listKeys/action`). If the underlying service principal or managed identity used by the skill has overly broad permissions (e.g., Contributor role at subscription scope), a compromised skill could be used to manipulate or delete critical Azure resources beyond just Redis. Implement the principle of least privilege. Ensure the identity used by the skill (e.g., service principal, managed identity) has only the minimum necessary Azure RBAC permissions required for its operations on specific resource scopes. For example, grant `Redis Cache Contributor` role only on the specific resource groups or Redis instances it needs to manage.	LLM	SKILL.md:60
LOW	Unpinned .NET package dependencies The installation instructions use `dotnet add package` without specifying a version. This can lead to non-deterministic builds and introduce vulnerabilities if a new version of the package contains malicious code or breaking changes. It's a supply chain risk as the skill might pull an unvetted or compromised version. Specify exact versions for all package dependencies (e.g., `dotnet add package Azure.ResourceManager.Redis --version 1.5.1`) to ensure deterministic builds and mitigate risks from unexpected updates.	LLM	SKILL.md:19

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/bb8f3ca37b4edfd4.svg)](https://skillshield.io/report/bb8f3ca37b4edfd4)