azure-cost-optimization

skills-sh:microsoft_github-copilot-for-azure__azure-cost-optimization

View source

100/100

First Seen

Feb 20, 2026

Last Scanned

Feb 20, 2026

Findings

Score

100/100

LOW 1

Findings (1)

LOW

External API response drives agent behavior INDIRECT_009

indirect-injection L182

Detects skills where external API responses control agent decisions or actions

Query using REST API  + based on actual usage data

FIX

Do not include content from MCP tool responses verbatim in system prompts or tool descriptions. Sanitize all dynamic content before incorporating it into prompt context.

FP?

Likely FP if the match is a static tool description that mentions dynamic content handling in its documentation, not an actual injection vector.