agent-framework-azure-ai-py
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing 'agent-framework' and 'agent-framework-azure-ai' via pip. These names are generic and do not follow official naming conventions, which could lead to installing unrelated or malicious packages if the names are squatted in public registries.
- [COMMAND_EXECUTION]: The framework incorporates the 'HostedCodeInterpreterTool', enabling the execution of Python code within the Azure environment. This capability represents a significant execution surface if the agent's instructions are manipulated.
- [PROMPT_INJECTION]: The skill architecture contains an indirect prompt injection surface.
  - Ingestion points: Data enters the system through user queries in 'agent.run' and external search results from the 'HostedWebSearchTool'.
  - Boundary markers: No specific delimiters or instructions are used to distinguish untrusted data from system prompts in the provided examples.
  - Capability inventory: The created agents have access to web search and remote code execution tools.
  - Sanitization: The skill does not demonstrate any sanitization or validation of the input data before it is processed by the agent.
Audit Metadata