azure-ai-projects-ts
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install official, well-known libraries from the @azure scope (Microsoft) via the npm registry, including `@azure/ai-projects` and `@azure/identity` for core functionality, and `@azure/monitor-opentelemetry` for observability.
- [COMMAND_EXECUTION]: The documentation includes methods for interacting with the local file system, specifically `client.datasets.uploadFile` and `client.datasets.uploadFolder`, which are used to transfer local data to the Azure AI service for training or evaluation purposes.
- [PROMPT_INJECTION]: The skill enables the creation of AI agents with tools such as `file_search`, `web_search_preview`, and `azure_ai_search`. This establishes an attack surface for indirect prompt injection, as the agent may ingest and process untrusted external data (web pages, files, or search results) that could contain malicious instructions.
  - Ingestion points: Data enters the agent context through file search, web search previews, and Azure AI Search indexes.
  - Boundary markers: Not explicitly defined in the provided code snippets.
  - Capability inventory: The skill allows for the creation, execution, and deletion of agents, as well as file management and resource connection retrieval.
  - Sanitization: Sanitization of retrieved external content is not specified within the SDK examples.
Audit Metadata