azure-appconfiguration-ts
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): The skill uses official Azure and Microsoft packages (@azure/app-configuration, @azure/identity) from the npm registry. These originate from trusted organizations and are standard for Azure development.
- CREDENTIALS_UNSAFE (SAFE): The documentation explicitly warns against hardcoding connection strings and credentials. It demonstrates best practices by using DefaultAzureCredential and environment variables for authentication.
- DATA_EXFILTRATION (SAFE): No unauthorized network activity or data transmission patterns were detected. Communication is limited to the Azure service endpoints configured by the developer.
- PROMPT_INJECTION (SAFE): No instructions were found that attempt to bypass AI safety filters or hijack the agent's core instructions.
- FALSE POSITIVE ANALYSIS (INFO): The automated scan flagged 'label.name' as a malicious URL. This is a false positive; in the context of the provided TypeScript code (client.listLabels()), 'name' is a property of the 'label' object returned by the Azure SDK, not a reference to a phishing domain.
Audit Metadata