Version: 2.0.1 (preview)

AI agents with generative orchestration should have custom instructions

Description

Checks all Copilot Studio agents that use generative orchestration (generative actions enabled) for the presence of custom instructions. Agents without instructions rely entirely on the LLM's default behavior, which increases the risk of prompt injection, off-topic responses, and uncontrolled tool usage.

How to fix

Open each flagged agent in Copilot Studio and add custom instructions that define the agent's purpose, boundaries, and behavioral constraints. At minimum, instructions should specify what the agent is allowed to do, what topics are off-limits, and how it should handle attempts to override its instructions.

Learn more: Create and edit custom instructions

Prerequisites

This test evaluates Copilot Studio agent configurations via the Dataverse API.

Connect-Maester -Service Graph,Dataverse

Learn more