azure-eventhub-py
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface detected. The skill is designed to ingest and process external data from Azure Event Hubs, which can contain untrusted instructions.
  * Ingestion points: The `on_event` callback in `SKILL.md` and `references/acceptance-criteria.md` extracts external data via `event.body_as_str()`.
  * Boundary markers: None are present to delimit untrusted data from agent instructions.
  * Capability inventory: The provided code demonstrates low-risk capabilities including printing to console (print), state management (update_checkpoint), and sending events (send_batch). No arbitrary command execution or file system writes are present.
  * Sanitization: No sanitization or validation of the event body is performed before display.
- [EXTERNAL_DOWNLOADS] (LOW): The skill requires installation of `azure-eventhub`, `azure-identity`, and `azure-eventhub-checkpointstoreblob-aio`. These are official packages from Microsoft/Azure. Per [TRUST-SCOPE-RULE], these findings are downgraded to LOW/INFO as they originate from a trusted organization.
- [SAFE] (SAFE): No evidence of hardcoded credentials, malicious obfuscation, or unauthorized data exfiltration was found. The use of `DefaultAzureCredential` follows cloud security best practices.
Audit Metadata