Skills
skills/ruiromano/powerbi-agentic-plugins/powerbi-pbir/Gen Agent Trust Hub

powerbi-pbir

Fail

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The PowerShell script scripts/bpa.ps1 is designed to download an executable ZIP file from a personal GitHub repository (https://github.com/NatVanG/PBI-InspectorV2). This source does not belong to the trusted organizations or well-known services list, making the origin of the code unverified.
  • [REMOTE_CODE_EXECUTION]: The script scripts/bpa.ps1 automates the download, extraction, and subsequent execution of the binary PBIRInspectorCLI.exe. Running binaries from unverified third-party sources is a high-risk activity that facilitates remote code execution on the user's system.
  • [COMMAND_EXECUTION]: The script scripts/bpa.ps1 uses Start-Process to run the downloaded executable with arguments. This mechanism can be exploited to execute arbitrary and potentially malicious commands if the external repository or the downloaded binary is compromised.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 2, 2026, 04:46 PM