power-bi-dax
Warn
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install an external dependency, pbi-cli-tool, using pipx. This package originates from an unverified source and is required for the skill to function.
- [COMMAND_EXECUTION]: The skill relies on the execution of shell commands through the pbi-cli tool to interact with Power BI models, perform query validation, and manage measures.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external sources and possesses significant capabilities. Attackers could potentially embed instructions in DAX files or the data models themselves to influence the agent's behavior.
  - Ingestion points: The skill reads data from local .dax files via the --file flag and executes arbitrary DAX queries against connected Power BI models.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potentially malicious instructions embedded within the DAX code or model data.
  - Capability inventory: The skill allows the agent to execute queries, create or modify measures, and clear caches within the Power BI environment using pbi-cli.
  - Sanitization: No sanitization or validation of the ingested DAX content or model metadata is performed before processing.
Audit Metadata