azure-ai
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates reading and processing external data via Azure AI Search and Speech services, creating a surface for indirect prompt injection where malicious instructions could be embedded in searched content or transcribed audio.
- Ingestion points: 'search_query' command in the 'azure__search' tool and 'speech_transcribe' in the 'azure__speech' tool.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided for external content processing.
- Capability inventory: The skill facilitates API calls to Azure AI services for search, transcription, and translation, but lacks local code execution or file-system modification capabilities.
- Sanitization: No specific sanitization or filtering logic is described; the skill relies on agent-level safety filters and standard SDK handling.
- [EXTERNAL_DOWNLOADS]: The skill documents the installation of official Microsoft Azure SDKs from trusted registries (PyPI, NPM, NuGet) to facilitate service integration.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. All external resources and packages originate from the trusted vendor Microsoft and adhere to best practices like recommending Entra ID over static keys.
Audit Metadata