pbir-cli

Warn

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies extensively on executing an external CLI binary (pbir) to manipulate local files and interact with remote APIs.
      • Evidence: SKILL.md (multiple commands such as pbir set, pbir cat, and pbir publish).
  • [REMOTE_CODE_EXECUTION]: The skill supports advanced visuals that execute local Python or R scripts, which could be exploited to run arbitrary code if the script files are modified or provided by an untrusted source.
      • Evidence: references/cli-reference.md (pbir visuals python --script-file script.py and pbir visuals r --script-file script.r).
  • [EXTERNAL_DOWNLOADS]: The agent is instructed to fetch external resources, including images from arbitrary URLs and metadata schemas or reports from cloud services.
      • Evidence: references/add-image.md (pbir add image ... https://example.com/logo.png) and references/cli-reference.md (pbir schema fetch, pbir download).
  • [DATA_EXFILTRATION]: The pbir publish capability allows sending report definitions, which may contain proprietary business logic, metadata, or data structures, to external Fabric or Power BI workspaces.
      • Evidence: SKILL.md (pbir publish "Report.Report" "Workspace.Workspace/Report.Report").
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it ingests and processes external report definitions (visual.json, page.json) that could contain malicious instructions in metadata or annotations.
      • Ingestion points: pbir cat, pbir tree -v, and direct file reads mentioned in SKILL.md.
      • Boundary markers: Absent in instructions during property interpolation.
      • Capability inventory: pbir set (file-write), pbir visuals python (code execution), and pbir publish (network transmission).
      • Sanitization: Frequent use of pbir validate serves as a structural integrity check, but does not sanitize natural language content.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 14, 2026, 12:46 PM
Security Audit — agent-trust-hub — pbir-cli