azure-eventgrid-java

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection Surface: The skill includes patterns for ingesting untrusted data by parsing JSON event payloads from external sources.
    • Ingestion points: SKILL.md and references/acceptance-criteria.md demonstrate parsing JSON strings into EventGridEvent and CloudEvent objects using the SDK's built-in methods.
    • Boundary markers: No explicit instructions or delimiters are provided to the agent to treat the parsed content as untrusted data or to ignore potential instructions embedded within the payload.
    • Capability inventory: The skill allows the agent to perform network operations through the client.sendEvent() and client.sendEvents() methods.
    • Sanitization: The implementation leverages strongly-typed Java classes for data mapping, which provides an inherent validation layer for the structure of the incoming data.
  • Secure Authentication Practices: The documentation correctly emphasizes the use of DefaultAzureCredential and environment variables for managing topic endpoints and access keys, which follows recommended security protocols to prevent credential exposure.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 03:16 PM