azure-eventgrid-py
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install 'azure-eventgrid' and 'azure-identity' via pip. These are official, well-known libraries maintained by Microsoft for interacting with Azure services.\n- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by demonstrating how to interpolate data into CloudEvent and EventGridEvent payloads.\n
- Ingestion points: The 'data' parameter in 'CloudEvent' and 'EventGridEvent' constructors within 'SKILL.md' accepts arbitrary content.\n
- Boundary markers: No specific delimiters or instructions are provided to the agent to treat the data as untrusted or to ignore embedded instructions.\n
- Capability inventory: The skill uses the 'EventGridPublisherClient.send' method to transmit data to remote Azure endpoints.\n
- Sanitization: The provided examples do not include logic for validating, escaping, or sanitizing the data before it is sent to the network endpoint.
Audit Metadata