cosmosdb-best-practices
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides links to official Azure Cosmos DB documentation (learn.microsoft.com) and associated GitHub repositories (github.com/AzureCosmosDB/cosmosdb-agent-kit) for further learning and tool installation.
- [COMMAND_EXECUTION]: The documentation includes standard setup commands such as 'npx skills add' and 'git clone' to help developers integrate the Cosmos DB agent kit into their workflow.
- [SAFE]: The skill actively promotes secure coding practices, specifically instructing users on how to prevent SQL injection vulnerabilities through the 'query-parameterize.md' rule.
- [SAFE]: The inclusion of the well-known Azure Cosmos DB Emulator key (a public constant for local development) is instructional and intended for localhost testing environments only, which is standard for developer configuration guides.
- [SAFE]: The skill recommends using modern and secure versions of dependencies, such as specifying Newtonsoft.Json version 13.0.3+ to avoid known security vulnerabilities in older versions.
Audit Metadata