azure-storage-blob-java

The skill azure-storage-blob-java is a documentation-only skill providing examples for the Azure Storage Blob SDK for Java. It consists of three Markdown files: SKILL.md, references/acceptance-criteria.md, and references/examples.md.

1. Prompt Injection: No patterns indicative of prompt injection were found in any of the files. The language is purely instructional and descriptive.
2. Data Exfiltration: The skill itself does not perform any data exfiltration. It provides Java code examples that demonstrate how a user's application could interact with Azure Blob Storage, including uploading and downloading data. The examples correctly show how to handle credentials (e.g., using DefaultAzureCredentialBuilder or System.getenv() for shared keys/SAS tokens) and even warn against insecure practices like hardcoding connection strings or creating overly permissive SAS tokens.
3. Obfuscation: No obfuscated content (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) was detected in any of the files. All content is presented in clear, readable Markdown and Java code.
4. Unverifiable Dependencies: The skill references com.azure:azure-storage-blob and com.azure:azure-identity as dependencies. These are official Azure SDKs, and the Azure GitHub organization is listed as a trusted source. Since the skill itself is documentation and does not execute any installation commands, this is not a direct threat, but rather an informational note about the origin of the referenced libraries.
5. Privilege Escalation: No commands or instructions for privilege escalation (e.g., sudo, chmod 777, system file modifications) were found.
6. Persistence Mechanisms: No instructions for establishing persistence (e.g., modifying .bashrc, creating cron jobs, systemd services) were found.
7. Metadata Poisoning: The metadata fields (name, description) in SKILL.md are benign and accurately reflect the skill's purpose. No malicious content was found in any metadata-like sections.
8. Indirect Prompt Injection: This threat category is not applicable as the skill is documentation and does not process external user-supplied data in a way that could lead to indirect injection.
9. Time-Delayed / Conditional Attacks: No conditional logic designed to trigger malicious behavior based on time, usage, or environment was found.

The skill's content is entirely descriptive and illustrative, providing guidance and examples for using a legitimate SDK. It does not contain any executable components that the AI agent would run, nor does it instruct the agent to perform any malicious actions. The examples provided adhere to good security practices for credential handling.