This is a personal open-source project, not an official Microsoft product. Do not report security issues or vulnerabilities to the Microsoft Security Response Center (MSRC). Please use this repository's reporting process below.
| Version | Supported |
|---|---|
| 2.0.x | ✅ |
| 1.14.x | ✅ |
| 1.13.x | ✅ |
| 1.12.x | ✅ |
| < 1.12 | ❌ |
If you discover a security vulnerability within this project, please report it via GitHub Security Advisories.
Please do not report security vulnerabilities through public GitHub issues.
You should receive a response within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity.
When using this tool:
- Never commit Azure credentials to version control
- Use managed identities when running in Azure environments
- Limit subscription access to only what's needed
- Review exported files before sharing - they contain subscription IDs and region data
- Don't run untrusted scripts - always review code before execution
This tool:
- ✅ Reads Azure VM SKU information (read-only)
- ✅ Reads quota/usage information (read-only)
- ❌ Does NOT create, modify, or delete any Azure resources
- ❌ Does NOT store or transmit credentials
- ❌ Does NOT access sensitive data beyond SKU/quota info