dataverse-web-api

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION)
Full Analysis
  • [Privilege Escalation] (MEDIUM): The skill instructs the agent to execute generated scripts using the -ExecutionPolicy Bypass flag in multiple files (SKILL.md, resources/best-practices.md). This is a technique used to circumvent system security configurations that prevent the execution of unsigned or untrusted scripts.
  • [Dynamic Execution] (MEDIUM): The primary function of the skill is to generate and run PowerShell scripts and JSON payloads to modify cloud environment schemas. While intended for development, this allows an agent to perform significant structural modifications to an organization's data environment.
  • [Indirect Prompt Injection] (LOW): The skill lacks input sanitization or boundary markers (e.g., delimiters) when taking user-provided names for tables, columns, or formulas and interpolating them into administrative API calls or scripts.
      • Ingestion points: User-provided schema definitions and names.
      • Boundary markers: Absent from prompt construction examples.
      • Capability inventory: PowerShell execution, network requests via Invoke-RestMethod and Azure CLI (az).
      • Sanitization: No evidence of validation or escaping for user-supplied identifiers.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 10:29 PM