deploy
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection Surface]: The skill reads project configuration from memory-bank.md, which is a surface where data could potentially influence agent behavior.
- Ingestion points: Project name and environment are read from memory-bank.md in the project root.
- Boundary markers: No explicit delimiters are used to separate configuration data from instruction context.
- Capability inventory: The skill can execute shell commands and has write access to the filesystem.
- Sanitization: Configuration content is used directly in the workflow without an explicit validation or escaping layer.
- [Command Execution]: The skill executes build and deployment commands through npm and the Power Platform CLI (pac). These are standard operations for development workflows.
- [External Package Dependency]: The skill may install the @microsoft/power-apps-cli package globally when running on macOS to bypass known authentication issues. This is an official vendor package used for its intended purpose.
Audit Metadata