azure-cosmos-db-py
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of 'azure-cosmos' and 'azure-identity' via pip. These are official, well-known libraries provided by Microsoft for interacting with Azure services.
- [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill follows best practices by recommending environment variables for configuration and Azure Active Directory (RBAC) for authentication, which minimizes the risk of credential exposure.
- [PROMPT_INJECTION]: No instructions attempting to bypass safety filters, override agent behavior, or extract system prompts were found.
- [COMMAND_EXECUTION]: The provided code samples use standard SDK methods for database operations. There is no evidence of arbitrary command execution or shell injection vulnerabilities. The skill explicitly mandates the use of parameterized queries to prevent SQL-like injection within the database context.
- [SAFE]: The skill's structure and logic align with its stated purpose of building production-grade database services using clean code and security-first principles.
Audit Metadata