azure-stream-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill functions as a documentation retrieval tool for Azure Stream Analytics. It uses official and trusted URLs from the Microsoft Learn platform.
- [EXTERNAL_DOWNLOADS]: Fetches content from learn.microsoft.com. These references are safe and legitimate for the skill's stated purpose and originate from the vendor's own official infrastructure.
- [PROMPT_INJECTION]: No instructions were found that attempt to override agent behavior, bypass safety filters, or extract system prompts. Guidance provided to the agent consists of standard tool usage instructions for documentation lookup.
- [DATA_EXFILTRATION]: No access to sensitive local files (e.g., credentials, SSH keys) or unauthorized network exfiltration patterns were observed. Network operations are strictly for retrieving documentation.
- [COMMAND_EXECUTION]: The skill does not contain any scripts, shell commands, or dynamic code execution patterns. It provides guidance on using developer tools (VS Code, PowerShell) in a descriptive context.
- [PROMPT_INJECTION]: Analysis of indirect prompt injection surface:
- Ingestion points: External Markdown content is ingested from learn.microsoft.com using tools like mcp_microsoftdocs:microsoft_docs_fetch.
- Boundary markers: None explicitly defined in the prompt template.
- Capability inventory: The skill has no active capabilities such as file-writing, subprocess execution, or outgoing network POST requests.
- Sanitization: Content is retrieved from a highly trusted vendor source, significantly reducing the risk of malicious payload injection via documentation.
Audit Metadata