azure-cosmos-rust
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill recommends installing `azure_data_cosmos` and `azure_identity` via `cargo add`. These packages are maintained by the Azure GitHub organization, which is a Trusted External Source.
- PROMPT_INJECTION (HIGH): The skill presents a significant Indirect Prompt Injection surface (Category 8).
  1. Ingestion points: Untrusted external data is brought into the agent context via `container.read_item` (SKILL.md).
  2. Boundary markers: There are no instructions or delimiters to isolate data from commands or to instruct the agent to ignore embedded instructions.
  3. Capability inventory: The skill provides the agent with write/modify capabilities including `create_item`, `replace_item`, and `patch_item` (SKILL.md), which could be misused if the agent is influenced by malicious data.
  4. Sanitization: No sanitization or validation logic is defined to check data retrieved from the database before it is used.
- COMMAND_EXECUTION (LOW): The skill involves running standard `cargo` commands and executing compiled Rust binaries to perform database operations, which is expected for this type of skill.
Recommendations
- AI detected serious security threats
Audit Metadata