azure-ai-vision

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs the user to install the @membranehq/cli package from the NPM registry. This is a vendor-owned package used to facilitate the integration.
  • [COMMAND_EXECUTION]: The skill utilizes several membrane CLI commands to interact with the Azure AI Vision API, including login, connect, action list, and action run. These commands are standard for the tool's documented purpose.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection:
      • Ingestion points: Data retrieved from Azure AI Vision, such as OCR text (read-text-from-image) and image analysis results (analyze-image), enters the agent's context (SKILL.md).
      • Boundary markers: The instructions do not define specific delimiters or warnings to ignore instructions embedded in the processed data.
      • Capability inventory: The skill has the capability to execute shell commands via the membrane CLI (SKILL.md).
      • Sanitization: No explicit sanitization or validation of the data returned from the external API is implemented within the provided instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 05:38 PM