azure-ai-document-intelligence-dotnet
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill does not contain any malicious code, obfuscation, or persistence mechanisms. The examples provided align with standard SDK usage for Azure services.
- [EXTERNAL_DOWNLOADS]: The skill references 'Azure.AI.DocumentIntelligence' and 'Azure.Identity' packages. These are official Microsoft SDKs hosted on NuGet. As Microsoft is a trusted organization, these downloads are considered safe and routine for the skill's purpose.
- [CREDENTIALS_UNSAFE]: The skill demonstrates secure credential handling by using environment variables (e.g., DOCUMENT_INTELLIGENCE_API_KEY) and placeholders. It explicitly warns against hardcoding credentials in the acceptance criteria and promotes the use of DefaultAzureCredential for production environments.
- [PROMPT_INJECTION]: The skill is designed to extract text and data from external documents (PDFs, images) using Azure's AI models. This creates a surface for Indirect Prompt Injection if the extracted text is processed by an LLM without appropriate sanitization or boundary markers. However, the skill itself provides no malicious instructions and functions as a standard library wrapper.
  - Ingestion points: Document analysis via AnalyzeDocumentAsync (SKILL.md, acceptance-criteria.md).
  - Boundary markers: None identified in the provided code snippets.
  - Capability inventory: Azure API calls for document processing; no direct system-level execution or local file writing.
  - Sanitization: Not present in the basic SDK usage examples.