pbir-format
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to interpret and manipulate Power BI report metadata (PBIR). The logic is structural and limited to modifying JSON files within a report directory.
- [EXTERNAL_DOWNLOADS]: The skill references standard Python packages (google-genai, pillow, keyring) and a specific CLI tool (pbir-cli). These are legitimate developer tools hosted on official package registries.
- [DATA_EXFILTRATION]: Network operations are limited to the
generate-background-with-gemini.pyscript, which calls the Google Gemini API for image generation. This process uses standard API key management (environment variables or keyring) and interacts with a well-known service provider. - [PROMPT_INJECTION]: The skill includes persona instructions and a "Mental Model" for the agent that enforces a direct, emoji-free communication style. These are benign behavioral constraints and do not attempt to override system safety protocols.
Audit Metadata