azure-ai-translation-document-py
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (INFO): The skill installs 'azure-ai-translation-document' via pip. This is an official library from Microsoft, which is a trusted organization, posing no significant supply chain risk.
- [DATA_EXFILTRATION] (LOW): The skill reads local files and content from Azure Blob Storage to send to Azure's cloud APIs. While this is the intended functionality, it involves data movement to external endpoints and requires management of SAS tokens and API keys.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted documents which constitutes an attack surface. 1. Ingestion points: Reads from local filesystem and Azure SAS URLs in SKILL.md. 2. Boundary markers: Absent; there are no instructions to the agent to ignore embedded commands in the documents. 3. Capability inventory: Writes translated documents to the local filesystem and remote storage. 4. Sanitization: Absent; the skill does not filter or sanitize document content before processing.
Audit Metadata