azure-storage-blob-py
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill provides a significant surface for indirect prompt injection.
  1. Ingestion points: Methods like download_blob and readall in SKILL.md allow untrusted external data to enter the agent context.
  2. Boundary markers: No delimiters or instructions are implemented to prevent the agent from interpreting ingested data as executable instructions.
  3. Capability inventory: The skill provides tools for local file writing and remote cloud storage modification (upload_blob, delete_blob).
  4. Sanitization: There is no validation or sanitization of ingested content.
- [Unverifiable Dependencies & Remote Code Execution] (LOW): The skill requires azure-storage-blob and azure-identity. Per the security rules, these are downgraded to LOW as they are official packages from a trusted Microsoft GitHub organization.
- [Data Exposure & Exfiltration] (SAFE): The skill demonstrates secure credential handling by recommending DefaultAzureCredential and using environment variables instead of hardcoding secrets. Operations are directed at standard Azure endpoints.
Recommendations
- AI detected serious security threats
Audit Metadata