azure-search-documents-dotnet
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (HIGH): High surface for indirect prompt injection (Category 8).
  * Ingestion point: Search results returned via SearchAsync in SKILL.md and used in the application context.
  * Boundary markers: None present in the code examples; untrusted data from search results is processed directly without delimiters.
  * Capability inventory: The skill includes document modification capabilities (UploadDocumentsAsync, MergeDocumentsAsync, DeleteDocumentsAsync) and index management (CreateOrUpdateIndexAsync) which allow for permanent data alteration.
  * Sanitization: No evidence of input sanitization or validation of search results before performing follow-on actions.
- EXTERNAL_DOWNLOADS (LOW): The skill installs the Azure.Search.Documents and Azure.Identity packages.
  * Evidence: dotnet add package commands in SKILL.md.
  * Mitigation: These are official Microsoft packages from the trusted NuGet gallery, downgrading this specific finding to LOW per [TRUST-SCOPE-RULE].
Recommendations
- AI detected serious security threats
Audit Metadata