azure-cosmos-py

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious activity or suspicious patterns were identified in the provided skill.
  • [EXTERNAL_DOWNLOADS]: The skill references the installation of official 'azure-cosmos' and 'azure-identity' Python packages via pip. These are well-known libraries maintained by Microsoft for interacting with Azure services.
  • [DATA_EXPOSURE]: The skill documents the use of environment variables for configuration. It correctly uses placeholders for sensitive account information and recommends 'DefaultAzureCredential' for authentication, which is a secure practice that avoids hardcoding secrets.
  • [PROMPT_INJECTION]: The skill interacts with an external database, which represents a surface for indirect prompt injection if the database content is attacker-controlled.
    1. Ingestion points: 'container.read_item', 'container.query_items', and 'container.read_all_items' in SKILL.md.
    2. Boundary markers: Not explicitly defined in the example snippets.
    3. Capability inventory: Database CRUD operations in SKILL.md.
    4. Sanitization: The skill promotes the use of parameterized queries to mitigate injection risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 07:59 AM