microsoft-agent-framework

Warn

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill suggests pip install agent-framework for Python projects. This generic name lacks an official vendor prefix (e.g., 'microsoft-'), which is atypical for Microsoft-maintained libraries. Recommending a generic package name from a public registry presents a risk of dependency confusion.
  • [PROMPT_INJECTION]: The skill's behavior is influenced by the contents of workspace files (e.g., project configuration and source files), creating an indirect prompt injection surface. An attacker could potentially influence the agent's architectural recommendations by modifying these files.
      • Ingestion points: Workspace files including .cs, .csproj, .py, and pyproject.toml
      • Boundary markers: None identified in the skill instructions
      • Capability inventory: The skill provides code generation, explanation, and package recommendation based on file analysis
      • Sanitization: No sanitization or validation of ingested file content is performed
  • [SAFE]: All documentation and source code links point to official Microsoft and GitHub domains.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 16, 2026, 01:02 AM