spark-consumption-cli
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- Command Execution: The skill utilizes the Azure CLI (
az rest) to interact with the Microsoft Fabric API. This is the standard mechanism for CLI-based management of Fabric workspaces and items, allowing the agent to perform administrative and discovery tasks.\n- Remote Code Execution: It facilitates the execution of Spark and PySpark code via Livy sessions. This is a fundamental feature of the skill, enabling advanced data exploration and analytics on remote compute clusters.\n- Local File Interaction: Temporary JSON files are created in the/tmpdirectory to prepare request bodies for API communication. This is a common and practical method for handling structured data in shell-based workflows.\n- Indirect Prompt Injection Surface: Because the skill processes data from external lakehouses, it possesses an ingestion point for potentially untrusted content.\n - Ingestion points: Reads data from lakehouse tables and unstructured files (SKILL.md).\n
- Boundary markers: Spark code is encapsulated within structured JSON objects sent to the Livy REST API.\n
- Capability inventory: Execution of PySpark/Spark SQL code, OneLake data access, and session lifecycle management (SKILL.md).\n
- Sanitization: Relies on platform-level security (RBAC) and the internal safety filters of the underlying language model to ensure generated code is safe for execution.
Audit Metadata