azure-storage-blob-py
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [Authentication Best Practices]: The skill demonstrates the use of
DefaultAzureCredentialfrom theazure-identitylibrary. This is a secure practice that allows for seamless authentication using environment variables or managed identities without embedding sensitive credentials in the code. - [Credential Handling]: The documentation includes explicit warnings in
references/acceptance-criteria.mdagainst using hardcoded connection strings or secrets, directing users toward secure configuration methods. - [Official SDK Integration]: The skill uses the official
azure-storage-blobpackage. All code samples follow standard API patterns for synchronous and asynchronous operations as defined in Microsoft's documentation. - [Trusted Infrastructure]: Communication is configured to interact with official Azure endpoints (
*.blob.core.windows.net), and external repository references point to the official Azure SDK GitHub organization. - [Data Ingestion Surface]: The skill includes methods for reading data from external blobs (
download_blob). While this represents an ingestion point for untrusted data, it is a core feature of the SDK, and the skill does not include any logic that would interpret this data as instructions, maintaining a safe execution profile.
Audit Metadata