azure-ai-formrecognizer-java
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The document explicitly identifies hardcoded credentials as an incorrect pattern (Section 2.4) and demonstrates using environment variables for sensitive keys (Section 2.1).
- [Unverifiable Dependencies & Remote Code Execution] (LOW): The guide references official Azure SDK components from the Microsoft/Azure organization. Per the [TRUST-SCOPE-RULE], these are considered trusted sources, making the reference low-risk.
- [Indirect Prompt Injection] (LOW): The SDK patterns described allow for processing external document content via URLs or file paths, creating a potential data ingestion surface for the agent. However, the guide provides structured processing patterns and best-practice checklists to mitigate risks associated with handling untrusted data.
Audit Metadata