powerbi-pbir
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's analysis workflow (scripts/bpa.ps1) explicitly downloads a CLI tool and default rules from public GitHub URLs (Invoke-WebRequest to github.com/.../PBI-InspectorV2 and raw.githubusercontent.com), which are untrusted third-party resources the agent would fetch and use to drive analysis and decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The scripts/bpa.ps1 script downloads and expands a remote CLI archive from https://github.com/NatVanG/PBI-InspectorV2/releases/latest/download/win-x64-CLI.zip at runtime and then executes the PBIRInspectorCLI.exe it contains; it also fetches rules from https://raw.githubusercontent.com/NatVanG/PBI-InspectorV2/refs/heads/main/Rules/Base-rules.json. Remote content is therefore fetched at runtime and externally provided code is executed as a required part of the BPA workflow.
Audit Metadata