azure-data-explorer-kusto-queries
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides numerous code examples for the Azure Data Explorer Python plugin. In 'feature-area-skill-resources/udf-functions-library/examples.md' and related documentation, it includes patterns using 'pickle.loads()' to deserialize models stored in database tables. This is an unsafe deserialization practice that can lead to arbitrary code execution if the source data (the models table) is compromised.
- [PROMPT_INJECTION]: The skill defines a significant surface for indirect prompt injection. It includes instructions for ingesting data from untrusted external sources such as Event Hubs, IoT Hubs, and REST APIs (documented in 'feature-area-skill-resources/data-ingestion/reference.md'). Because the skill also documents powerful capabilities like executing inline Python code or management commands on the ingested data without mentioning specific sanitization or boundary markers, a malicious actor could embed instructions in the ingested telemetry to influence agent behavior.
Audit Metadata