Skills
skills/microsoft/fabric-apps-analytic-templates/data-discovery/Gen Agent Trust Hub

data-discovery

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [Command Execution]: The skill instructs the agent to utilize CLI tools such as npx fabric-app-data and az login to interact with semantic models and perform authentication. These operations are standard for accessing Azure and Power BI services and are necessary for the skill's intended data discovery functions.
  • [External Dependency Usage]: It employs npx to fetch and execute the fabric-app-data utility directly from the npm registry. This is a common pattern for running developer tools, though it relies on the availability and integrity of the public package registry.
  • [File System Interaction]: The skill provides guidelines for saving validated queries as .dax, .json, and .ts files within the src/queries/ directory. This allows the agent to persist and organize its work within the project's codebase, which is a standard part of the development lifecycle.
  • [Indirect Data Processing Surface]: The agent ingests schema metadata and query results from external data sources. While this is expected behavior for a data exploration tool, it represents a surface where adversarial content in the source data could potentially be processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:05 PM
Security Audit — agent-trust-hub — data-discovery