The Agent Skills Directory

Indirect Prompt Injection Surface: The skill is designed to receive and process messages from Azure Event Hubs (e.g., via the args.Data.EventBody property). Because this content originates from external producers, it could potentially contain data that an agent might interpret as instructions. This is a standard characteristic of event-processing systems and should be managed by validating or sanitizing event content before using it in decision-making logic.
Secure Authentication Practices: The skill correctly promotes the use of DefaultAzureCredential for production environments. This approach leverages Azure Active Directory and managed identities, which is a significant security improvement over hardcoding or storing sensitive connection strings in configuration files.

azure-eventhub-dotnet