azure-language-service
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructions and metadata are verified as safe. No code obfuscation, privilege escalation, or persistence mechanisms were found.
- [EXTERNAL_DOWNLOADS]: The skill references technical documentation from official Microsoft domains (
learn.microsoft.com) and suggests tools from the official MicrosoftDocs GitHub organization. These are recognized as trusted sources. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its data ingestion capabilities. 1. Ingestion points: Remote content is fetched via
mcp_microsoftdocs:microsoft_docs_fetchandfetch_webpage. 2. Boundary markers: The skill does not define specific markers to delimit documentation content from instructions. 3. Capability inventory: The agent utilizes network access to retrieve documentation. 4. Sanitization: No explicit sanitization or validation of external documentation content is implemented. This surface does not escalate the verdict because the content source is trusted.
Audit Metadata