add-sharepoint
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- CLI Tool Integration: The skill uses the Azure CLI (az) and Power Platform CLI (pac) to manage authentication and data discovery. These are official tools used for their intended administrative functions.
- Access Token Management: The skill retrieves and uses OAuth2 access tokens via az account get-access-token. This is a standard practice for API authentication, requiring the agent to handle sensitive tokens in memory during the session.
- Administrative Permissions: Managing SharePoint lists requires the Sites.Manage.All permission. This is a high-level permission consistent with the skill's primary function of creating and modifying list structures.
- External API Interaction: The skill communicates with graph.microsoft.com using PowerShell's Invoke-RestMethod. This is a well-known, trusted endpoint for Microsoft services.
- Data Ingestion Surface: The skill ingests data from external SharePoint sites (site URLs, list names, table data). This represents a standard surface for data-driven agent skills and is managed within the authenticated session context.
Audit Metadata