azure-cosmos-py
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses official Azure SDK libraries from a trusted vendor for database interactions.
- [SAFE]: Authentication is implemented via DefaultAzureCredential, supporting managed identities and avoiding hardcoded secrets.
- [SAFE]: The skill correctly recommends and demonstrates parameterized queries to prevent database injection.
- [PROMPT_INJECTION]: Indirect prompt injection surface exists through database reads.
  - Ingestion points: Item retrieval and query methods in SKILL.md and query-patterns.md.
  - Boundary markers: None specified for isolating data from instructions.
  - Capability inventory: CRUD operations on Cosmos DB.
  - Sanitization: Parameterized queries are used at the database layer.
Audit Metadata