azure-communication-callautomation-java

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill references the com.azure:azure-communication-callautomation Maven package and official Azure domains (e.g., communication.azure.com), which belong to Microsoft, a well-known and trusted technology company.
  • [PROMPT_INJECTION]: The skill documentation describes how to process external inputs such as speech recognition and webhook events, which introduces a potential surface for indirect prompt injection.
    • Ingestion points: The requestBody in the handleCallback method and results from CallMedia.startRecognizing (speech and DTMF recognition).
    • Boundary markers: The code snippets do not demonstrate the use of delimiters or specific instructions to the agent to ignore embedded commands in the processed data.
    • Capability inventory: The skill's documentation includes file-writing capabilities (via downloadTo) and the ability to make authenticated network requests through the Azure SDK.
    • Sanitization: No input validation or sanitization logic is provided in the examples for handling data retrieved from external sources before it is processed or logged.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 01:23 PM