azure-ai-document-intelligence-ts
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill installs @azure-rest/ai-document-intelligence and @azure/identity from the microsoft organization. These are official, trusted libraries.
- [Data Exposure & Exfiltration] (SAFE): Credentials like API keys and endpoints are handled via environment variables (DOCUMENT_INTELLIGENCE_API_KEY) rather than being hardcoded. No sensitive data access or unauthorized exfiltration patterns were identified.
- [Indirect Prompt Injection] (SAFE): 1. Ingestion points: Documents provided via URL or local file path. 2. Boundary markers: None provided in the extraction code. 3. Capability inventory: Uses node:fs for reading local files for analysis. 4. Sanitization: None provided. While this presents an indirect injection surface, it is consistent with the primary purpose of a document extraction tool and uses a trusted cloud provider for processing.
Audit Metadata