Azure Cosmos DB Python

Security checks across malware telemetry and agentic risk

Overview

This is a normal Azure Cosmos DB helper skill, but its examples and script can change real cloud databases and costs if run against a live account.

Install only if you intend to work with Azure Cosmos DB. Before running examples or the setup script, verify the Azure endpoint, database, container, partition key, TTL, and throughput values, and prefer least-privilege credentials over broad account keys. Avoid running delete, replace, upsert, batch, or throughput changes against production data without an explicit backup or review.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill includes examples for create, replace, upsert, delete, throughput changes, and create-if-not-exists operations without clearly warning that they can modify or remove live data and infrastructure. In an agent-assisted setting, this increases the chance that a user or downstream automation runs examples against production Cosmos DB resources, causing unintended data loss, cost changes, or service-impacting configuration changes.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal