azure-eventhub-ts
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): The skill references and installs official Azure SDK packages (
@azure/event-hubs,@azure/identity, etc.) from NPM. These belong to a trusted organization (Microsoft/Azure) and do not pose a security risk in this context. - CREDENTIALS_UNSAFE (SAFE): Authentication is handled using
DefaultAzureCredential(), which is a secure practice that avoids hardcoded secrets by looking for credentials in the environment or managed identities. - DATA_EXFILTRATION (SAFE): Network activity is restricted to legitimate Azure service endpoints (
servicebus.windows.netandblob.core.windows.net) for the purpose of event streaming and checkpointing. - INDIRECT_PROMPT_INJECTION (SAFE): While the skill ingests external data from Event Hubs, it does not pass this data to an LLM or any executable context in a way that suggests a vulnerability.
- Ingestion points: Data is received via the
processEventscallback inSKILL.md. - Boundary markers: Not applicable for this implementation.
- Capability inventory: No shell execution, dynamic code execution, or unauthorized file access capabilities are present.
- Sanitization: Data is treated as structured event objects and logged/processed as telemetry.
Audit Metadata