Skills
skills/microsoft/skills/azure-eventhub-rust/Gen Agent Trust Hub

azure-eventhub-rust

Pass

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: LOWEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (LOW): The skill installs Azure SDK crates using the Rust package manager.
  • Evidence: cargo add azure_messaging_eventhubs azure_identity and cargo add azure_messaging_eventhubs_checkpointstore_blob in SKILL.md.
  • Trust Status: These packages are maintained by the Azure GitHub organization, which is a verified trusted source. Under [TRUST-SCOPE-RULE], the download finding is downgraded to LOW.
  • Data Exposure & Exfiltration (INFO): The skill is designed to communicate with Azure cloud infrastructure over the network.
  • Evidence: Connection logic targets the <namespace>.servicebus.windows.net hostname.
  • Context: Network communication is the core functionality of the skill. It utilizes DeveloperToolsCredential for secure, non-hardcoded authentication, which is a best practice.
  • Indirect Prompt Injection (INFO): The skill ingests untrusted data from external Event Hub partitions.
  • Evidence Chain:
  • Ingestion points: receiver.receive_events(100, None) in SKILL.md.
  • Boundary markers: None present in the provided snippets.
  • Capability inventory: The skill allows for receiving and printing the body of external events.
  • Sanitization: Events are displayed via debug printing ({:?}) without specific sanitization.
  • Severity: INFO. In the context of this skill, the data is only used for local display (println!) and does not influence privileged agent decisions or command execution.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 14, 2026, 04:59 PM