te2-cli
Warn
Audited by Snyk on Apr 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching and using external public artifacts (e.g., the BPA rules URL https://raw.githubusercontent.com/.../BPARules.json and the guidance to use microsoft_docs_search + microsoft_docs_fetch or mslearn fetch) so the agent will ingest untrusted, user-hosted web content as part of its workflow, which can materially influence analysis and subsequent tool actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The "Run BPA Analysis" example shows TabularEditor.exe invoked at runtime with a raw GitHub URL (https://raw.githubusercontent.com/microsoft/Analysis-Services/master/BestPracticeRules/BPARules.json), which the CLI will fetch and use as BPA rule instructions that directly control the tool's analysis behavior.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata