azure-ai-transcription-py
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- Secure Credential Handling: The skill correctly identifies the use of environment variables as the preferred method for managing sensitive credentials like the subscription key and endpoint, reducing the risk of accidental exposure.
- Official Vendor Dependencies: The skill utilizes official Azure SDK components, ensuring that the code interacts with established and maintained services.
- Indirect Prompt Injection Surface: Since the skill is designed to transcribe audio from external URLs and streams, there is an inherent surface for indirect prompt injection. If the generated transcripts are subsequently used as instructions for an AI agent, the content of the audio should be treated as untrusted input.
- Ingestion points: External audio URLs and binary streams are ingested for processing in both the batch and real-time examples.
- Boundary markers: The skill does not currently specify delimiters for the resulting transcriptions when they are passed back to the user context.
- Capability inventory: The skill allows for the creation of transcription jobs and streams using authorized Azure AI services.
- Sanitization: The implementation relies on the standard SDK processing; users are encouraged to validate transcribed text if it is used to influence downstream logic.
Audit Metadata