azure-monitor-query-py
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'azure-monitor-query' package, which is the official Microsoft SDK for Azure Monitor. This is a trusted source and does not escalate the verdict.
- [SAFE]: Employs 'DefaultAzureCredential' for secure authentication and uses environment variables for resource identification, following security best practices.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) if queries are constructed from untrusted data. Evidence: 1. Ingestion points: The 'query' parameter passed to 'LogsQueryClient.query_workspace' and 'MetricsQueryClient.query_resource' in the provided Python examples. 2. Boundary markers: Absent in the code examples. 3. Capability inventory: Network read access to Azure Monitor logs and metrics. 4. Sanitization: Absent in the documentation examples.
Audit Metadata