power-query
Warn
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `subprocess.run` in `examples/execute_m.py` to call `az account get-access-token` for credential acquisition and in `examples/preview_partition.py` to call the `fab` CLI for model definition retrieval.
- [COMMAND_EXECUTION]: `examples/preview_partition.py` performs dynamic module loading using `__import__` to resolve the path of a sibling module at runtime.
- [DATA_EXFILTRATION]: The skill retrieves environment-specific access tokens and transmits Power Query mashup documents—which may contain sensitive logic or connectivity metadata—to the Microsoft Fabric API at `api.fabric.microsoft.com`.
- [PROMPT_INJECTION]: The skill manages an indirect prompt injection surface by generating and executing code based on natural language inputs.
  - Ingestion points: User prompts mentioning 'Power Query', 'M code', or 'partition expression' in `SKILL.md`.
  - Boundary markers: No specific delimiters or warnings for the agent to ignore embedded instructions are identified.
  - Capability inventory: Execution of Power Query M code via external APIs, shell command execution via `subprocess`, and dynamic Python module loading.
  - Sanitization: No sanitization or validation logic for the generated M code or CLI parameters is specified.
- [EXTERNAL_DOWNLOADS]: The skill requires external dependencies including the `pyarrow` Python package and the `az` and `fab` CLI tools.
Audit Metadata