azure-ai-vision-imageanalysis-java

Pass

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: LOW
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (LOW): The skill utilizes the Maven dependency com.azure:azure-ai-vision-imageanalysis version 1.1.0-beta.1.
      • Evidence: References found in SKILL.md and acceptance-criteria.md.
      • Notes: Microsoft/Azure is a trusted organization; the finding is downgraded per the [TRUST-SCOPE-RULE].
  • Indirect Prompt Injection (LOW): The skill processes untrusted image content which could contain malicious text or instructions intended to influence the agent.
      • Ingestion points: The analyzeFromUrl and analyze methods in SKILL.md accept arbitrary input from external URLs and local files.
      • Boundary markers: No delimiters or instruction-ignore guards are used around the extracted text.
      • Capability inventory: Capability is currently limited to terminal display (System.out.printf) of extracted text.
      • Sanitization: No sanitization or validation of the OCR output or captioning is performed.
  • Data Exposure & Exfiltration (LOW): The skill performs network operations to Azure Cognitive Services endpoints.
      • Evidence: Network usage is central to the ImageAnalysisClient implementation in SKILL.md.
      • Notes: This is a functional requirement; no access to or exfiltration of sensitive system files was detected.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 14, 2026, 04:59 PM