azure-ai-translation-ts
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install several official Azure packages from the NPM registry, including @azure-rest/ai-translation-text, @azure-rest/ai-translation-document, @azure/identity, and @azure/storage-blob.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes arbitrary text provided as input for translation services. Maliciously crafted input text could potentially influence agent behavior if the output is subsequently interpreted as instructions by a downstream process. * Ingestion points: The text property within the translation request body in SKILL.md accepts external content. * Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the code examples to isolate translated text from instructions. * Capability inventory: The skill possesses network access to Azure service endpoints and local file system access via the writeFile function. * Sanitization: No explicit validation or sanitization of the input text is demonstrated in the provided code snippets.
Audit Metadata