azure-appconfiguration-java
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill includes instructions to download the official Azure App Configuration client library (com.azure:azure-data-appconfiguration) and the Azure SDK Bill of Materials (BOM) from Maven Central. These packages are provided by a trusted organization.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from a remote Azure App Configuration store, which creates a surface for indirect prompt injection. If an attacker modifies configuration values to include malicious instructions, they could influence the agent's logic.
- Ingestion points: Data is retrieved from the remote service using methods such as getConfigurationSetting, listConfigurationSettings, and listConfigurationSettingsForSnapshot as shown in SKILL.md.
- Boundary markers: The provided code examples do not use delimiters or boundary markers to differentiate retrieved configuration values from internal instructions.
- Capability inventory: The skill provides comprehensive capabilities to read, write, and list configuration settings, feature flags, and point-in-time snapshots.
- Sanitization: No sanitization or validation of the retrieved configuration values is demonstrated in the provided code snippets before the data is used or printed.
Audit Metadata