azure-ai-contentsafety-java
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill utilizes the 'com.azure:azure-ai-contentsafety' package. This is a trusted dependency from the Microsoft/Azure organization, which minimizes the risk of supply chain attacks.
- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface (Category 8) because its core purpose is to process untrusted data.
- Ingestion points: Untrusted data enters the agent context through the 'AnalyzeTextOptions' (text) and 'ContentSafetyImageData' (images/URLs) classes in 'SKILL.md'.
- Boundary markers: Explicit delimiters or 'ignore instructions' warnings are not present in the provided code examples.
- Capability inventory: The skill is limited to making remote API calls to Azure services; it does not possess local shell execution, file-write, or other high-privilege capabilities.
- Sanitization: Content is passed directly to the Azure AI Content Safety service without client-side sanitization, which is the intended use case for a moderation tool.
Audit Metadata