Azure Content Understanding Layout

Security checks across malware telemetry and agentic risk

Overview

This skill is a user-directed Azure document extraction helper; it sends chosen document URLs or stdin document bytes to the configured Azure service, which fits its stated purpose.

Install this only if you intend to process documents through Azure Content Understanding. Use a dedicated Azure key and trusted endpoint, and avoid submitting confidential, regulated, secret-bearing, or internal-only documents or URLs unless your organization permits Azure processing for that data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The API reference documents direct file upload and URL-based document submission to an external Azure service without clearly warning that document contents and referenced remote files are transmitted off-system for third-party processing. This can lead users to unknowingly send sensitive documents, regulated data, or internal URLs to Azure, creating privacy, compliance, and data-handling risks.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal