Skills
skills/housegarofalo/claude-code-base/microsoft-fabric/Gen Agent Trust Hub

microsoft-fabric

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines tools for performing file and directory operations on both the local file system and remote Microsoft Fabric OneLake storage, including onelake download file, onelake upload file, and onelake file delete.
  • [EXTERNAL_DOWNLOADS]: Facilitates the retrieval of OpenAPI specifications, best practice documentation, and data files from Microsoft Fabric services to the local development environment.
  • [PROMPT_INJECTION]: Identified potential surface for indirect prompt injection through the ingestion of external data such as API schemas and OneLake files.
  • Ingestion points: SKILL.md (via onelake download file, publicapis_get, and publicapis_bestpractices_examples_get tools).
  • Boundary markers: Not explicitly defined in the provided tool instructions.
  • Capability inventory: File system read, write, and delete operations; directory management; and remote API interaction.
  • Sanitization: The skill description does not specify input validation or content sanitization for the ingested external data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 11:09 AM