m365-agents-ts

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill utilizes official @microsoft packages, which are maintained by a trusted organization.
  • [SAFE]: All external documentation and sample code references point to verified Microsoft domains (learn.microsoft.com) and official GitHub repositories.
  • [SAFE]: Secret management practices are secure, as the skill demonstrates the use of environment variables and placeholders for sensitive information like API keys and client secrets.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it interpolates user-provided text (context.activity.text) into LLM prompts. Analysis of the mandatory evidence chain shows:
      (1) Ingestion points: User text enters via the activity object in SKILL.md.
      (2) Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the code snippets.
      (3) Capability inventory: The skill has capabilities for network operations via Azure OpenAI and Copilot Studio client integrations.
      (4) Sanitization: No specific input sanitization or filtering is demonstrated in the examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 09:21 AM