flowstudio-power-automate-build
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a Python helper script using the
urllib.requestmodule to interact with the FlowStudio MCP server, which is a standard method for facilitating tool calls. - [EXTERNAL_DOWNLOADS]: Communicates with the service endpoint at
https://mcp.flowstudio.app/mcpfor resource management and tool execution. - [DATA_EXFILTRATION]: Retrieves metadata such as environment IDs and connection GUIDs via tools like
list_live_connections, which is necessary for the functional purpose of deploying flows. - [PROMPT_INJECTION]: The skill manages potential indirect prompt injection risks by explicitly mandating a user confirmation step (Step 6) before any flow is triggered, ensuring the user remains in control of actions with side effects. It also promotes the use of secure parameters for sensitive data like API secrets.
Audit Metadata