flowstudio-power-automate-governance

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and registration pages on the official FlowStudio domain (mcp.flowstudio.app). These are informative links related to the skill's primary purpose and do not involve remote code execution.
  • [DATA_EXPOSURE]: The skill correctly instructs the user to store the required FLOWSTUDIO_MCP_TOKEN in an environment variable rather than hardcoding it. Access to flow metadata (owners, connections, security configurations) is restricted to the intended FlowStudio tools for audit purposes.
  • [COMMAND_EXECUTION]: The skill uses specialized store_* tools to perform operations. It does not invoke arbitrary shell commands or system-level processes.
  • [PROMPT_INJECTION]: The skill processes external data such as flow descriptions, display names, and hashtags, which are authored by users in Power Automate. This presents an indirect prompt injection surface, where a malicious user could embed instructions in a flow description, but the skill is limited to governance metadata writes and does not have the capability to execute instructions found within that data. Severity is assessed as LOW.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 03:49 AM