azure-devops-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documented workflows explicitly import and create pipelines from public Git repositories (e.g., references/repos-and-prs.md: "az repos import create --git-source-url https://github.com/user/repo" and references/pipelines-and-builds.md: "az pipelines create --repository https://github.com/Org/Repo"), so untrusted, user-generated repo/YAML content is fetched and can influence pipeline creation and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisites include executing a remote installer via "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash", which fetches and runs remote code as a required setup step for the skill, posing a clear execution risk.