powerbi-report-authoring
Warn
Audited by Snyk on Apr 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (risk score 0.80). The skill's scripts/bpa.ps1 downloads and runs third-party artifacts (the PBI-Inspector CLI and its default rule set) from public GitHub URLs via Invoke-WebRequest (see the $tools downloadUrl and rulesUrl in scripts/bpa.ps1). Content hosted by an unaffiliated GitHub user is therefore fetched at runtime and used to drive analysis and execution, and the rule JSON in particular is untrusted text that the agent consumes.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Unverifiable external URL detected (risk score 1.00). scripts/bpa.ps1 calls Invoke-WebRequest at runtime to download and extract a remote CLI from https://github.com/NatVanG/PBI-InspectorV2/releases/latest/download/win-x64-CLI.zip (and fetches rule JSON from https://raw.githubusercontent.com/NatVanG/PBI-InspectorV2/refs/heads/main/Rules/Base-rules.json), then executes the downloaded PBIRInspectorCLI.exe. Both URLs are mutable references (the latest release and the head of main), so the code and rules the skill runs can change without any change to the skill itself, and nothing in the script pins a version or verifies a hash before execution. The skill therefore fetches and runs remote code as a required runtime dependency.
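Both findings describe the same download-and-execute pattern, so one worked example covers them. The following PowerShell is an added illustration written for this page, not code from the audited skill's scripts/bpa.ps1 or from the PBI-Inspector project. It shows the flagged shape (mutable URLs, no integrity check, immediate execution) next to a pinned, hash-verified variant. The release tag, the two SHA-256 values and the rules commit SHA are placeholders that a maintainer would replace with values taken from a release they have inspected; the CLI's command-line arguments are not reproduced here and are passed through unchanged.

```powershell
# Added example for this audit page; not the skill's own bpa.ps1.
# Placeholders below (tag, hashes, commit) are assumptions, not real values.
$ErrorActionPreference = 'Stop'

# --- Shape the audit flags: mutable references, no verification, run what arrived ---
function Invoke-UnpinnedBpa {
    param(
        [string]$WorkDir = (Join-Path $env:TEMP 'pbi-inspector-unpinned'),
        [string[]]$CliArgs = @()   # CLI arguments are the caller's; none are invented here
    )
    New-Item -ItemType Directory -Force -Path $WorkDir | Out-Null
    $zip = Join-Path $WorkDir 'win-x64-CLI.zip'
    # "latest" and "refs/heads/main" resolve to whatever upstream currently publishes.
    Invoke-WebRequest -Uri 'https://github.com/NatVanG/PBI-InspectorV2/releases/latest/download/win-x64-CLI.zip' -OutFile $zip
    Invoke-WebRequest -Uri 'https://raw.githubusercontent.com/NatVanG/PBI-InspectorV2/refs/heads/main/Rules/Base-rules.json' -OutFile (Join-Path $WorkDir 'Base-rules.json')
    Expand-Archive -Path $zip -DestinationPath $WorkDir -Force
    & (Join-Path $WorkDir 'PBIRInspectorCLI.exe') @CliArgs   # executes unverified code
}

# --- Hardened shape: pin the version, verify before use, fail closed ---
function Get-VerifiedArtifact {
    param(
        [Parameter(Mandatory)][string]$Uri,
        [Parameter(Mandatory)][string]$OutFile,
        [Parameter(Mandatory)][string]$ExpectedSha256
    )
    Invoke-WebRequest -Uri $Uri -OutFile $OutFile
    $actual = (Get-FileHash -Path $OutFile -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {
        # Delete the file so nothing later in the script can run or parse it by accident.
        Remove-Item -Path $OutFile -Force
        throw "Integrity check failed for $Uri (expected $ExpectedSha256, got $actual)"
    }
    return $OutFile
}

function Invoke-PinnedBpa {
    param(
        # Placeholder values; replace with the tag, commit and hashes you have reviewed.
        [string]$ReleaseTag     = 'vX.Y.Z',
        [string]$ZipSha256      = '0000000000000000000000000000000000000000000000000000000000000000',
        [string]$RulesCommit    = '0000000000000000000000000000000000000000',
        [string]$RulesSha256    = '0000000000000000000000000000000000000000000000000000000000000000',
        [string]$WorkDir        = (Join-Path $env:TEMP 'pbi-inspector-pinned'),
        [string[]]$CliArgs      = @()
    )
    New-Item -ItemType Directory -Force -Path $WorkDir | Out-Null

    # Pinned release asset: the URL names an exact tag instead of "latest".
    $zipUri   = "https://github.com/NatVanG/PBI-InspectorV2/releases/download/$ReleaseTag/win-x64-CLI.zip"
    # Pinned rules: a commit SHA in place of the branch name, so the file cannot silently change.
    $rulesUri = "https://raw.githubusercontent.com/NatVanG/PBI-InspectorV2/$RulesCommit/Rules/Base-rules.json"

    $zip   = Get-VerifiedArtifact -Uri $zipUri   -OutFile (Join-Path $WorkDir 'win-x64-CLI.zip')   -ExpectedSha256 $ZipSha256
    $rules = Get-VerifiedArtifact -Uri $rulesUri -OutFile (Join-Path $WorkDir 'Base-rules.json')   -ExpectedSha256 $RulesSha256

    # Only after both hashes match is anything extracted or executed.
    $extractDir = Join-Path $WorkDir 'cli'
    Expand-Archive -Path $zip -DestinationPath $extractDir -Force
    $exe = Join-Path $extractDir 'PBIRInspectorCLI.exe'
    if (-not (Test-Path -LiteralPath $exe)) {
        throw "Expected binary not found after extraction: $exe"
    }

    # Surface the signature state for the reviewer; whether the binary is signed is not known here.
    $sig = Get-AuthenticodeSignature -FilePath $exe
    Write-Verbose "PBIRInspectorCLI.exe Authenticode status: $($sig.Status)"

    & $exe @CliArgs
    return @{ Exe = $exe; Rules = $rules; ExitCode = $LASTEXITCODE }
}
```

The hash values become part of the skill's repository, so a change to the CLI or the rule set has to arrive as a reviewed commit rather than as whatever upstream publishes next. This addresses W012 directly and narrows W011 to a single, pinned rules file that a maintainer can read before approving it; it does not make that file's content trustworthy on its own.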
Issues (2)
W011 MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012 MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata