azure-ai-translation-text-py
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [External Downloads] (LOW): The skill requires the installation of
azure-ai-translation-textand suggestsazure-identity. These are official packages from Microsoft/Azure, which is a trusted organization. Per the [TRUST-SCOPE-RULE], the severity of this download is downgraded to LOW. - [Indirect Prompt Injection] (LOW): This skill processes untrusted text through the
bodyparameter in methods liketranslateandtransliterate. While this creates an attack surface for indirect prompt injection (Category 8), the skill lacks dangerous capabilities such as file system writes or arbitrary command execution that could be exploited via translation output. The risk is limited to the agent's interpretation of the translated results. - Ingestion points:
bodyparameter intranslate,transliterate,detect,find_sentence_boundaries, andlookup_dictionary_entries(SKILL.md). - Boundary markers: None present; the text is passed directly to the Azure SDK.
- Capability inventory: Limited to network requests to Azure Cognitive Services API.
- Sanitization: None; relies on the Azure service and SDK serialization.
- [Data Exfiltration] (INFO): The skill sends text data to Azure for translation. This is a legitimate function of the skill and targets a trusted domain (cognitiveservices.azure.com). It does not access sensitive local files (e.g., SSH keys, AWS creds) for exfiltration.
Audit Metadata