azure-ai-contentunderstanding-py
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injectio n (LOW): The skill ingests untruste d external media which may contain maliciou s instruction s designe d to influenc e the agent.
- Ingestio n points: The
client.begin_analyzemetho d inSKILL.mdprocesse s conten t from untruste d URLs viaAnalyzeInput. - Boundary markers: Absent; the skill extract s raw markdow n and transcrip t s withou t delimiter s or 'ignor e' instruction s.
- Capabilit y inventor y: The skill extract s text ual conten t but lack s privilege d operation s like file write s or subproces s executio n.
- Sanitizatio n: Absent; raw extracte d conten t is passe d directl y to the cons ume r.
- External Dow nloa d s (LOW): The skill install s
azure-ai-content understanding, a verifie d packag e from Microsof t, which is a truste d source per [TRUST-SCOPE-RULE].
Audit Metadata