azure-ai-voicelive-py
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [Secure Authentication]: The skill promotes the use of
DefaultAzureCredentialandAzureKeyCredentialmanaged via environment variables. This aligns with security best practices for avoiding hardcoded secrets. - [Network Communication]: The skill facilitates real-time bidirectional audio streaming via WebSockets. All communication targets official Azure Cognitive Services endpoints (e.g.,
*.api.cognitive.microsoft.com), which are well-known and trusted service domains. - [Dependency Management]: The skill utilizes standard, well-maintained libraries such as
azure-ai-voicelive,aiohttp, andazure-identity. These are legitimate packages used for Azure service integration and asynchronous HTTP communication. - [Data Processing]: As a voice AI SDK, the skill is designed to ingest and process audio and text data. While this creates a surface for processing untrusted user input, the SDK provides the necessary framework for developers to implement their own application-level sanitization and safety logic.
Audit Metadata