azure-eventgrid-dotnet
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references official Microsoft NuGet packages including Azure.Messaging.EventGrid, Azure.Identity, and Microsoft.Azure.Messaging.EventGrid.CloudNativeCloudEvents. These are well-known, trusted dependencies from a recognized vendor.
- [PROMPT_INJECTION]: The skill facilitates the processing of external event data (CloudEvents and EventGridEvents), which constitutes an indirect prompt injection attack surface.
- Ingestion points: External data is ingested via
EventGridEvent.ParseMany,CloudEvent.ParseMany, and Azure Function triggers as described inSKILL.md. - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided snippets.
- Capability inventory: The skill demonstrates capabilities for network publishing via
EventGridPublisherClientand logging. - Sanitization: The examples show direct deserialization of event data into objects (e.g.,
egEvent.Data.ToObjectFromJson<MyCustomData>()) without demonstrating sanitization or validation steps.
Audit Metadata