fabric-integration
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and provides code examples using official and well-known libraries such as azure-storage-filedatalake, semantic-link (sempy), pyspark, and delta-spark. These are legitimate tools for interacting with Microsoft Fabric and Azure services.
- [PROMPT_INJECTION]: The skill establishes a data processing pipeline that ingests content from external sources (OneLake shortcuts to S3, GCS, and ADLS Gen2) into the Fabric environment. This creates a surface for indirect prompt injection where instructions embedded in the data could influence the agent's behavior. \n
- Ingestion points: Data ingestion from external cloud storage platforms into the Bronze layer as described in SKILL.md and fabric-architecture-patterns.md. \n
- Boundary markers: The provided code templates do not include specific delimiters or instructions to ignore embedded commands in the ingested data. \n
- Capability inventory: The skill has the capability to execute Spark SQL queries, evaluate DAX expressions via the Semantic Link library, and interact with the Power BI REST API. \n
- Sanitization: No explicit sanitization or input validation for LLM-targeted instructions is documented in the data transformation examples.
Audit Metadata