azure-appconfiguration-java
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill defines Java code patterns that create a significant indirect prompt injection surface by combining data ingestion with high-privilege write capabilities.
  - Ingestion points: Configuration data is ingested via `client.getConfigurationSetting` and `client.listConfigurationSettings` as shown in `references/acceptance-criteria.md`.
  - Boundary markers: None present. The code snippets demonstrate direct processing of strings retrieved from the external service.
  - Capability inventory: The skill provides patterns for `addConfigurationSetting`, `setConfigurationSetting`, and `deleteConfigurationSetting`, allowing the agent to modify the external environment.
  - Sanitization: No sanitization or validation logic is present in the provided snippets to mitigate the risk of malicious configuration values.
- [External Downloads] (LOW): The skill references the `com.azure:azure-data-appconfiguration` Maven package.
  - Evidence: Reference to Azure SDK for Java repository and package names.
  - Trust Status: The `azure` organization is a trusted source, which downgrades this dependency finding to LOW per trust-scope rules.
Recommendations
- AI detected serious security threats
Audit Metadata