azure-storage-queue-ts
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides guidance for using the official @azure/storage-queue SDK, which is a trusted library from Microsoft.\n- [SAFE]: Credentials and connection strings are handled via environment variable placeholders (e.g., ), preventing the exposure of hardcoded secrets.\n- [SAFE]: Recommended authentication methods, such as DefaultAzureCredential, are promoted as best practices.\n- [PROMPT_INJECTION]: The skill describes a data ingestion surface by reading message content from Azure Storage Queues, which creates a potential vector for indirect prompt injection.\n
- Ingestion points: message.messageText retrieved via queueClient.receiveMessages() in SKILL.md.\n
- Boundary markers: None mentioned in the code snippets.\n
- Capability inventory: The skill demonstrates message processing via JSON.parse() and custom processMessage functions, but does not include dangerous capabilities like shell command execution or file system modification.\n
- Sanitization: The provided code examples do not demonstrate sanitization or validation of the ingested message content.
Audit Metadata