agents-v2-py
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- Standard Package Installation: The instructions include the installation of azure-ai-projects and azure-identity. These are official Microsoft SDKs required for the functionality described and originate from a trusted vendor environment.
- Secure Authentication Patterns: The documentation consistently recommends using DefaultAzureCredential, which is a security best practice for Azure development. This approach avoids the need for hardcoded credentials by leveraging Managed Identities or local development environments (like Azure CLI or Environment Variables).
- External Resource Configuration: The skill allows for the configuration of external Model Context Protocol (MCP) servers and container registries. While these represent network touchpoints, they are documented as user-defined parameters for integrating the user's own infrastructure and services.
- Indirect Prompt Injection Surface: By facilitating the creation of agents that ingest data from external tools (such as MCP servers or custom containerized logic), the skill manages an inherent surface for indirect prompt injection.
  - Ingestion points: Data enters the agent context via MCP tool outputs (server_url) and container responses.
  - Boundary markers: Not explicitly defined in the basic code templates provided.
  - Capability inventory: The agent is configured with code_interpreter, file_search, and custom MCP tools as described in SKILL.md.
  - Sanitization: Standard sanitization is not demonstrated in these configuration examples; users should implement validation within their custom agent logic as a secondary security measure.
Audit Metadata