Skills
skills/questnova502/claude-skills-sync/ms365-tenant-manager/Gen Agent Trust Hub

ms365-tenant-manager

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection (Category 8).
  • Ingestion points: Processes untrusted data from CSV files for bulk user/group operations and JSON configuration data.
  • Boundary markers: None identified in the provided documentation to distinguish between instructions and data during script generation.
  • Capability inventory: Generates PowerShell scripts via powershell_generator.py that perform high-privilege operations (user creation, policy modification, license management).
  • Sanitization: No evidence of sanitization or validation of input data before interpolation into generated scripts.
  • COMMAND_EXECUTION (LOW): Designed for dynamic execution (Category 10) by generating .ps1 and .py files. While the generation of code is the primary intent, users are advised to manually review and execute these scripts with Global Administrator privileges, which introduces a risk if the generation logic is compromised.
  • EXTERNAL_DOWNLOADS (LOW): The skill instructs the user to install external dependencies via Install-Module. These are trusted Microsoft modules (Microsoft.Graph, ExchangeOnlineManagement, etc.) and fall under the [TRUST-SCOPE-RULE].
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 11:31 AM