azure-eventhub-ts
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill utilizes official Microsoft packages (@azure/event-hubs, @azure/identity, etc.) from the npm registry. These originate from a trusted organization.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded secrets were detected. The skill uses DefaultAzureCredential, which is the recommended security practice for Azure SDKs to manage identity without embedding keys.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill defines an ingestion surface where data from Event Hubs is processed (processEvents). While the examples only perform logging, users should be aware that processing untrusted event data can lead to indirect injection if the payload is later passed to an LLM without sanitization.
- [DATA_EXFILTRATION] (SAFE): The network activity is restricted to legitimate Azure service endpoints (servicebus.windows.net and blob.core.windows.net) necessary for event streaming and checkpointing.
Audit Metadata