cosmosdb-sdk
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation and code-best-practice repository for Azure Cosmos DB SDKs. All provided instructions and snippets are aligned with industry standards and official vendor recommendations.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing official packages from well-known registries including Microsoft.Azure.Cosmos (NuGet), azure-cosmos (PyPI), and @langchain/azure-cosmosdb (NPM). These are trusted libraries belonging to established organizations.
- [COMMAND_EXECUTION]: Installation instructions utilize standard 'cp' commands to move skill files into designated local directories for Claude Code or GitHub Copilot. These are non-privileged operations.
- [COMMAND_EXECUTION]: Rule 'sdk-emulator-ssl.md' provides instructions for using the standard Java 'keytool' utility to manage SSL certificates for the local development emulator. This is a common administrative task for developers and does not involve malicious automation.
- [CREDENTIALS_UNSAFE]: Multiple files contain a Base64 encoded key 'C2y6yDjf5/R+ob0N8A7Cgv30VRDJIWEHLM+4QDU5DE2nQ9nDuVTqobD4b8mGGyPMbIZnqyMsEcaGQy67XIw/Jw=='. This is the well-known, public, and documented master key for the Azure Cosmos DB Emulator used globally for local development. It is not a private credential.
Audit Metadata