azure-storage-queue-py

Warn

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: MEDIUM [PROMPT_INJECTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): Indirect prompt injection surface via external message ingestion.
      • Ingestion points: queue_client.receive_messages() in SKILL.md retrieves content from an external Azure Queue.
      • Boundary markers: Absent. The skill does not provide delimiters or instructions to ignore embedded commands in the message body.
      • Capability inventory: The skill can send, update, and delete messages, allowing an attacker to potentially manipulate the queue state if the agent obeys instructions inside a message.
      • Sanitization: Absent. Content is processed as raw strings or JSON.
  • [EXTERNAL_DOWNLOADS] (INFO): Uses official Microsoft Azure SDKs.
      • Evidence: pip install azure-storage-queue azure-identity.
      • Trust Status: Downgraded to INFO as Microsoft/Azure is a verified trusted organization.
  • [SAFE] (SAFE): Implements secure authentication patterns.
      • Evidence: Uses DefaultAzureCredential and os.environ for configuration, explicitly flagging hardcoded keys as anti-patterns in references/acceptance-criteria.md.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 14, 2026, 05:00 PM