add-cloud-flow
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [Official Service Integration]: The skill interacts with official Microsoft Flow RP API endpoints (such as api.flow.microsoft.com) to list and manage automation resources, ensuring operations remain within the vendor's verified ecosystem.
- [Human-in-the-loop Approval]: A significant security feature is the generation of a detailed HTML plan for user review before any files are created or modified. This ensures the user maintains oversight of all role assignments and metadata changes.
- [Secure API Communication]: Generated client-side code correctly implements CSRF (Cross-Site Request Forgery) protection by fetching tokens from the platform and including mandatory security headers in requests.
- [Metadata Validation]: The skill includes automated validation scripts that verify the integrity and structure of generated YAML metadata, ensuring compliance with platform requirements and preventing the introduction of malformed configuration.
- [Template-based Code Generation]: Frontend service code is generated using predefined templates based on detected site frameworks (React, Vue, etc.), which provides necessary integration logic while following established architectural patterns.
Audit Metadata