agent-framework-azure-ai-py
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- Dynamic Execution (MEDIUM): The documentation defines patterns for HostedCodeInterpreterTool, which allows the AI agent to generate and execute Python code on the Azure AI service. This creates a surface for dynamic code execution based on LLM outputs.
- Indirect Prompt Injection (LOW): The skill documentation includes patterns for ingesting data from external, untrusted sources via HostedWebSearchTool, HostedFileSearchTool, and HostedMCPTool. Ingestion points: Web search queries, vector store document retrieval, and MCP server endpoints (e.g., references/tools.md, references/mcp.md). Boundary markers: None identified in the provided reference snippets. Capability inventory: Includes a Python code interpreter (HostedCodeInterpreterTool) and network-based tools (HostedMCPTool). Sanitization: No input sanitization or validation logic is presented in the reference documentation for these ingestion points.
Audit Metadata