azure-keyvault-py

Pass

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: LOW
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill provides the capability to ingest external data from Azure Key Vault which may contain adversarial instructions.
    1. Ingestion points: client.get_secret() and client.get_certificate() in SKILL.md.
    2. Boundary markers: Absent.
    3. Capability inventory: Full CRUD operations on secrets, keys, and certificates.
    4. Sanitization: Absent.
  • Data Exposure (LOW): Provided code examples demonstrate printing secret values directly to the console (e.g., print(f'Value: {secret.value}')), a practice that can lead to credential leakage in logs or terminal history.
  • External Downloads (INFO): The skill installs and uses official Microsoft-maintained packages (azure-keyvault-* and azure-identity). These sources are within the trusted scope for Azure and Microsoft organizations, posing no immediate supply-chain risk.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 14, 2026, 05:00 PM