azure-communication-chat-java
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [Secure Credential Management]: The skill correctly instructs users to use environment variables like AZURE_COMMUNICATION_USER_TOKEN and the CommunicationTokenCredential class rather than hardcoding sensitive information. This aligns with recommended security practices for managing user access tokens in communication services.
- [Trusted Dependencies]: The skill utilizes official Azure SDK packages (com.azure:azure-communication-chat), which are maintained by a trusted organization and follow standard security and maintenance protocols. The use of these verified libraries ensures that the application interacts with Azure services using vetted and secure communication channels.
- [Indirect Prompt Injection Surface]: The skill processes external message data via methods such as listMessages() and getMessage(). This represents a potential surface for indirect prompt injection if an attacker sends messages containing instructions for the agent.
  - Ingestion points: External data enters the agent context through chat message retrieval in SKILL.md and references/examples.md.
  - Boundary markers: Explicit delimiters or 'ignore' instructions for embedded content are not provided in the code examples.
  - Capability inventory: The skill includes capabilities to send messages, update message content, and manage chat threads.
  - Sanitization: Application-level sanitization of message content is recommended when displaying or processing message contents to ensure robust data handling and prevent injection attacks.
Audit Metadata