azure-ai
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references multiple official Microsoft Azure SDKs for Python, Node.js, .NET, and Java. These include well-known packages such as
azure-search-documents,azure-ai-contentsafety, andAzure.AI.OpenAI. These references target a trusted well-known service provider and do not represent a security risk. - [PROMPT_INJECTION]: The skill facilitates the processing of untrusted external data, which creates a surface for indirect prompt injection attacks.
- Ingestion points: Untrusted data enters the agent context through AI Search results (
search_query), Speech-to-text transcriptions (speech_transcribe), and Document Intelligence OCR analysis. - Boundary markers: The provided SDK references and tool descriptions do not define delimiters or system instructions to ignore instructions embedded within the processed external content.
- Capability inventory: The skill enables capabilities such as vector search, audio transcription, and document field extraction, which could be influenced by malicious content in the input data.
- Sanitization: No explicit sanitization or validation protocols are described in the documentation to filter out potentially malicious instructions from external sources before they reach the LLM.
Audit Metadata