REPOGEO REPORT · LITE
mbrg/power-pwn
Default branch main · commit 88456806 · scanned 5/17/2026, 3:36:48 PM
GitHub: 1,153 stars · 126 forks
Score trend below includes all ready runs (older left, newer right; scroll horizontally if needed). The table is collapsed by default—expand for newest-first rows, 10 per page.
2 ready scans. Expand the table below for newest-first rows (10 per page, paginated).
Action plan is what to do next — copy-pasteable changes prioritized by impact. Category visibility is the real GEO test: when a user asks an AI a brand-free question that should surface mbrg/power-pwn, does the AI actually recommend you — or your competitors? Objective checks verify the metadata signals AI engines weight first. Self-mention check detects whether AI even knows you exist by name.
Action plan — copy-paste fixes
3 prioritized changes generated by gemini-2.5-flash. Mark items done after you ship the fix.
- highreadme#1Add explicit disambiguation to README's opening statement
Why:
CURRENTPower Pwn is an offensive and defensive security toolset for Microsoft 365 Power Platform and AI services.
COPY-PASTE FIXPower Pwn is an offensive and defensive security toolset for Microsoft 365 Power Platform and AI services. This project focuses exclusively on securing modern low-code/no-code and AI agent environments, and is not related to PowerPC architecture or general Windows post-exploitation.
- mediumtopics#2Expand topics with specific AI and low-code/no-code security keywords
Why:
CURRENTagentforce, agentkit, agentspace, ai-red-team, blackhat, chatgpt, copilotstudio, defcon, gpts, hacking, hacking-tool, lowcode, m365, microsoft365, nocode, pentesting, powerapps, powerplatform, redteam, redteaming
COPY-PASTE FIXagentforce, agentkit, agentspace, ai-red-team, blackhat, chatgpt, copilotstudio, defcon, gpts, hacking, hacking-tool, lowcode, m365, microsoft365, nocode, pentesting, powerapps, powerplatform, redteam, redteaming, ai-security-testing, power-platform-security, low-code-security, no-code-security, copilot-security, llm-security, ai-agent-security
- lowreadme#3Remove empty markdown links from README's overview section
Why:
CURRENT[](https://www.toolswatch.org) [](https://www.blackhat.com/sector/2023/arsenal/schedule/index.html#entraid-guest-to-corp-data-dump-with-powerpwn-36105) [](https://www.toolswatch.org) [](https://forum.defcon.org/node/241932) [](https://github.com/mbrg/power-pwn) [](https://twitter.com/intent/follow?screen_name=mbrg0) [](mailto:michael.bargury@owasp.org)
COPY-PASTE FIXRemove all instances of `[]()` or ensure they contain valid link text and URLs.
Category GEO backends resolved for this scan: google/gemini-2.5-flash, deepseek/deepseek-v4-flash
Category visibility — the real GEO test
Brand-free queries asked to google/gemini-2.5-flash. Did AI recommend you, or someone else?
Same questions for every model — switch tabs to compare answers and rankings.
- OWASP AI Exchange (AIX) · recommended 1×
- Microsoft's STRIDE Threat Model · recommended 1×
- OpenMined PySyft · recommended 1×
- Microsoft SEAL · recommended 1×
- Google's TF Encrypted · recommended 1×
- CATEGORY QUERYHow to assess security risks and vulnerabilities in AI agent deployments?you: not recommendedAI recommended (in order):
- OWASP AI Exchange (AIX)
- Microsoft's STRIDE Threat Model
- OpenMined PySyft
- Microsoft SEAL
- Google's TF Encrypted
- IBM Adversarial Robustness Toolbox (ART)
- Google's CleverHans
- Snyk
- Aqua Security
- Datadog
- Prometheus
- Grafana
AI recommended 12 alternatives but never named mbrg/power-pwn. This is the gap to close.
Show full AI answer
- CATEGORY QUERYOffensive security toolkit for low-code/no-code business application platforms and AI integrations.you: not recommendedAI recommended (in order):
- OWASP ZAP (zaproxy/zaproxy)
- Burp Suite Professional
- Postman
- Insomnia (Kong/insomnia)
- Metasploit Framework (rapid7/metasploit-framework)
- Nmap (nmap/nmap)
- Shodan
- Python
- Go
- requests (psf/requests)
- BeautifulSoup (crummy/BeautifulSoup)
- Scrapy (scrapy/scrapy)
AI recommended 12 alternatives but never named mbrg/power-pwn. This is the gap to close.
Show full AI answer
Objective checks
Rule-based audits of metadata signals AI engines weight most.
- Metadata completenesspass
- README presencepass
Self-mention check
Does AI even know your repo exists when asked about it directly?
- Compared to common alternatives in this category, what is the core differentiator of mbrg/power-pwn?passAI named mbrg/power-pwn explicitly
AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?
- If a team adopts mbrg/power-pwn in production, what risks or prerequisites should they evaluate first?passAI named mbrg/power-pwn explicitly
AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?
- In one sentence, what problem does the repo mbrg/power-pwn solve, and who is the primary audience?passAI named mbrg/power-pwn explicitly
AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?
Embed your GEO score
Drop this badge into the README of mbrg/power-pwn. It auto-updates whenever the report is rescanned and links back to the latest report — easy public proof that you care about AI discoverability.
Live preview[](https://repogeo.com/en/r/mbrg/power-pwn)<a href="https://repogeo.com/en/r/mbrg/power-pwn"><img src="https://repogeo.com/badge/mbrg/power-pwn.svg" alt="RepoGEO" /></a>Subscribe to Pro for deep diagnoses
mbrg/power-pwn — Lite scans stay free; this card itemizes Pro deep limits vs Lite.
- Deep reports10 / month
- Brand-free category queries5 vs 2 in Lite
- Prioritized action items8 vs 3 in Lite