azure-ai-translation-ts
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No evidence of instructions attempting to bypass safety filters or override agent behavior was found.
- Data Exposure & Exfiltration (SAFE): The skill uses environment variables (e.g.,
TRANSLATOR_SUBSCRIPTION_KEY) for authentication and provides explicit warnings against hardcoding credentials in the acceptance criteria. No unauthorized network operations were detected. - Obfuscation (SAFE): The code and documentation are clear and do not contain Base64, zero-width characters, or other hidden content.
- Unverifiable Dependencies (SAFE): The skill references official Azure SDK packages (
@azure-rest/ai-translation-text,@azure-rest/ai-translation-document,@azure/identity). These originate from a trusted organization (Microsoft/Azure). - Indirect Prompt Injection (LOW): As a translation skill, it ingests untrusted text data for processing. While it has the capability to write files via
node:fs/promises, this is a standard use case for document translation and does not present an elevated risk in this context. - Persistence & Privilege Escalation (SAFE): No commands for modifying system configurations, acquiring root privileges, or establishing persistence were found.
Audit Metadata