azure-communication-chat-java
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill follows security best practices by explicitly identifying hardcoded credentials as an anti-pattern and providing examples that use environment variables for authentication.\n- [EXTERNAL_DOWNLOADS]: Fetches official Azure SDK components from Maven Central. The package 'com.azure:azure-communication-chat' is maintained by Microsoft, a trusted source.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes external chat messages which may contain malicious instructions.\n
- Ingestion points: Chat message content is ingested through
listMessages()andgetMessage()inSKILL.mdandreferences/examples.md.\n - Boundary markers: No delimiters or specific instructions are provided to distinguish between system instructions and user-provided chat content when the agent processes retrieved messages.\n
- Capability inventory: The agent has the ability to send messages, add/remove participants, and update thread topics, which could be exploited if the agent obeys instructions found within chat messages.\n
- Sanitization: No sanitization or validation of the message content is implemented before the data enters the agent's context.
Audit Metadata