azure-ai-formrecognizer-java
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the
com.azure:azure-ai-formrecognizerdependency from Microsoft, which is a trusted organization. This library is used for official integration with Azure AI Document Intelligence services. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting data from untrusted external sources.
- Ingestion points: Untrusted data enters the agent context via
documentUrlinbeginAnalyzeDocumentFromUrlandblobContainerUrlinbeginBuildDocumentModel(SKILL.md). - Boundary markers: No explicit delimiters or instructions are used to prevent the agent from executing commands embedded within the documents being analyzed.
- Capability inventory: The skill is capable of reading local files using
BinaryData.fromFileand making network requests to Azure's Document Intelligence API endpoints. - Sanitization: There is no evidence of URL validation, schema enforcement for the documents, or sanitization of the OCR output before it is returned to the agent.
Audit Metadata