azure-ai-vision-imageanalysis-py
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the
azure-ai-vision-imageanalysispackage, which is the official SDK provided by Microsoft for Azure AI Vision services. - [COMMAND_EXECUTION]: Includes standard documentation for installing the required dependency using the
pippackage manager. - [CREDENTIALS_UNSAFE]: Correctly utilizes environment variables and
DefaultAzureCredentialfor managing sensitive API keys and authentication tokens, avoiding hardcoded secrets. - [PROMPT_INJECTION]: The skill provides image analysis capabilities, including OCR and captioning, which introduces an indirect prompt injection surface.
- Ingestion points: Reads image data from URLs and local files in
SKILL.mdfor processing. - Boundary markers: No explicit delimiters or instructions to disregard embedded text are defined in the code examples.
- Capability inventory: The skill is designed to interact with external Azure AI services to perform vision tasks like OCR and object detection.
- Sanitization: No sanitization of the text extracted via OCR or generated captions is shown in the provided examples before potential use in downstream prompts.
Audit Metadata