The Agent Skills Directory

The skill 'azure-cosmos-rust' is primarily a documentation and example guide for using the Azure Cosmos DB SDK for Rust. It outlines installation steps, authentication methods, and CRUD operations.

Prompt Injection: No patterns indicative of prompt injection were found in the skill's description or content.
Data Exfiltration: There are no commands or code snippets that attempt to read sensitive files or exfiltrate data to untrusted external servers. The examples focus on legitimate interactions with Azure Cosmos DB.
Obfuscation: No obfuscation techniques (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were detected in either file.
Unverifiable Dependencies: The skill instructs the user to install Rust packages using cargo add azure_data_cosmos azure_identity (SKILL.md, line 12) and cargo add azure_data_cosmos --features key_auth (SKILL.md, line 78). These packages are sourced from crates.io, which is a trusted Rust package registry. Furthermore, the skill explicitly links to the official Azure SDK for Rust GitHub repository (https://github.com/Azure/azure-sdk-for-rust/tree/main/sdk/cosmos/azure_data_cosmos), which is a trusted GitHub organization. Due to these being trusted external sources, this finding is downgraded to LOW/INFO severity.
Privilege Escalation: No commands like sudo, chmod, or other privilege escalation attempts were found.
Persistence Mechanisms: No attempts to establish persistence (e.g., modifying .bashrc, crontab, authorized_keys) were detected.
Metadata Poisoning: The skill's metadata (name, description) is benign and accurately reflects its purpose.
Indirect Prompt Injection: The skill does not process external user-supplied content, so it is not susceptible to indirect prompt injection.
Time-Delayed / Conditional Attacks: No conditional logic that would trigger malicious behavior based on time, usage, or environment was found.

Adversarial Reasoning: The skill's content is consistent with its stated purpose as an SDK usage guide. The 'Anti-Patterns' section in references/acceptance-criteria.md even explicitly warns against insecure practices like hardcoding connection strings, indicating a focus on good security practices. The cargo add commands, while involving external downloads and command execution, are standard for Rust development and point to highly trusted sources. Therefore, the risk associated with these instructions is minimal.