power-apps-code-apps

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill utilizes npx degit to pull project templates from the microsoft GitHub organization (microsoft/PowerAppsCodeApps). According to the [TRUST-SCOPE-RULE], downloads from this trusted organization are considered safe.
  • [COMMAND_EXECUTION] (SAFE): The skill requires the use of pac (Power Platform CLI) and npm for project management, authentication, and deployment. These are the expected tools for the stated purpose of Power Platform development.
  • [DATA_EXPOSURE] (SAFE): While the skill manages authentication profiles and environment IDs via the CLI, it explicitly instructs the AI never to write custom authentication code, relying instead on the platform's managed host authentication.
  • [PROMPT_INJECTION] (LOW): The 'Vibe Coding' feature involves processing natural language input to generate code. The skill includes a mandatory multi-step planning and approval workflow ('Plan Designer') which mitigates the risk of direct execution of untrusted instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 10:29 PM