cosmos-db-python-skill

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Data Exposure & Exfiltration] (SAFE): Hardcoded Emulator Key. The files references/client-setup.md and assets/cosmos_client_template.py include the well-known Azure Cosmos DB emulator key (C2y6yDjf5/R+ob0N8A7Cgv...). This is a documented public constant for local development and is correctly gated by endpoint checks for localhost, posing no risk to production environments.
  • [Indirect Prompt Injection] (LOW): Indirect Prompt Injection Surface. The skill facilitates reading untrusted data from a database which could be used as input for an LLM.
    • Ingestion points: get_document and query_documents in assets/service_template.py and assets/cosmos_client_template.py.
    • Boundary markers: Absent in the provided templates.
    • Capability inventory: The skill provides database write capabilities (upsert_document) and delete capabilities (delete_document).
    • Sanitization: The implementation correctly uses parameterized queries to prevent Cosmos DB injection, but does not provide specific sanitization for natural-language content stored within the documents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:49 PM