Skills
skills/fabioc-aloha/lithium/Fabric Notebook Publish/Gen Agent Trust Hub

Fabric Notebook Publish

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of local PowerShell scripts (Sync-ToFabric.v2.ps1 and Publish-ToFabric.ps1) to manage notebook synchronization, change detection, and direct publishing to the Fabric API.
  • [EXTERNAL_DOWNLOADS]: The skill directs users to install the official Microsoft Az PowerShell module from the PowerShell Gallery and configures a Git remote on Azure DevOps (visualstudio.com). These sources are recognized as well-known technology services.
  • [PROMPT_INJECTION]: The skill processes notebook source code and metadata to generate automated changelog entries and synchronize updates, which constitutes an indirect prompt injection surface.
  • Ingestion points: Notebook content files (notebook-content.py).
  • Boundary markers: Not specified in the provided documentation.
  • Capability inventory: Local script execution, Git CLI operations, and Fabric REST API interactions.
  • Sanitization: The provided files do not document specific sanitization or validation logic for external notebook content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:54 AM