add-server-logic
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [Project Analysis and Data Ingestion]: The skill analyzes the project structure, configuration files, and source code to understand requirements and maintain consistency. This involves reading files like powerpages.config.json and scanning the src/ directory, which is standard behavior for a development-focused skill.
- [Benign Command Execution]: The skill executes local scripts provided with the plugin to perform version checks, render implementation plans, and manage Dataverse resources. These scripts facilitate core functionality and are contained within the skill's package.
- [Indirect Prompt Injection Surface]: The skill processes data from the local codebase and documentation fetched from Microsoft Learn. Ingestion points include local source code and search results; while explicit boundary markers are not defined, the skill uses targeted extraction patterns to focus on technical SDK details. Capability inventory includes file system access and site deployment.
- [Secure Secret Management]: The skill follows security best practices by recommending Azure Key Vault for sensitive data and explicitly instructing the agent not to handle secret values directly within the conversation.
Audit Metadata