dv-overview
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Command Execution]: The skill instructs the agent to execute various shell commands for workspace initialization (
ls), solution management (pac solution export/unpack), and version control (git push). These are standard operations for a developer tool. - [Package Management]: It mandates the use of Python and
pipfor dependency management while explicitly forbidding Node.js tooling. This is a configuration preference rather than a security risk. - [Authentication Best Practices]: The instructions include strong safety guidelines, such as forbidding the hardcoding of tokens and discouraging the manual parsing of sensitive token cache files, instead favoring official authentication scripts.
- [Autonomy Considerations]: One instruction suggests the agent should automatically run a connection flow without asking the user if setup files are missing. While this streamlines the user experience, it represents an automated action without explicit per-task confirmation.
- [Administrative Capabilities]: The skill mentions administrative tools like
pac admin self-elevate. This is a legitimate command within the Power Platform ecosystem for users with appropriate permissions.
Audit Metadata