deploy-site
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Tooling Installation: The skill checks for the presence of the Power Platform CLI and, if missing, provides a command to install the official Microsoft.PowerApps.CLI.Tool. This is a standard setup procedure using trusted vendor resources.
- Authentication and Session Management: Uses official pac auth commands to manage connectivity. For unauthenticated sessions, it prompts the user for a URL and directs them to a browser-based login, ensuring the agent does not collect or store credentials.
- Command Execution: Employs standard developer tools such as pac, npm, git, and node to build and deploy the site. These actions are confined to the project's scope and the intended deployment workflow.
- Environment Security Configuration: The skill can modify the blockedattachments setting to allow JavaScript file uploads. This is identified as a security-sensitive action, and the skill includes mandatory user confirmation steps and clear explanations of the change before execution.
- Local Script Integration: Executes a specific local script (check-activation-status.js) to verify the success of the deployment. This involves reading local configuration files (powerpages.config.json), which is a common pattern for automation tasks within a local development environment.
Audit Metadata