azure-servicebus-py
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses DefaultAzureCredential from the azure-identity package for authentication, which is the recommended secure method for Azure services as it avoids hardcoded secrets.
- [SAFE]: The administration tool (scripts/setup_servicebus.py) provides legitimate management capabilities using official Azure SDKs without any signs of privilege escalation or malicious command execution.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill facilitates the ingestion of external data from message queues. While this is the primary purpose, it presents an inherent surface for indirect prompt injection if received messages contain malicious instructions.
  - Ingestion points: Message retrieval in SKILL.md and references/dead-letter.md using receiver.receive_messages().
  - Boundary markers: None identified in the provided code snippets.
  - Capability inventory: Azure SDK network operations for messaging and administration.
  - Sanitization: Not explicitly implemented in the example processing logic.
Audit Metadata