flowstudio-power-automate-debug
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill communicates with the FlowStudio MCP service at
mcp.flowstudio.appto retrieve flow definitions, run history, and action outputs. While this involves sending flow metadata and runtime data to an external service, this behavior is the primary intended function of the skill and is required for remote debugging. - [PROMPT_INJECTION]: The skill processes runtime data (inputs and outputs) from Power Automate actions. This creates an indirect prompt injection surface because if the flow processes untrusted external data, that data could contain instructions aimed at the agent. This is an inherent risk in diagnostic skills that ingest external logs, but it is handled here through standard analytical procedures.
- [COMMAND_EXECUTION]: The skill includes instructions for updating flow definitions using the
update_live_flowtool. This allows the agent to modify flow logic to apply fixes. This is a legitimate administrative capability provided by the integrated service.
Audit Metadata