pr-build-status
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [Data Ingestion Surface]: The skill retrieves and displays log content from external build systems. This creates a potential surface for indirect prompt injection if build logs were to contain instructions designed to influence the agent's behavior. 1) Ingestion points: Build and test logs are fetched via Invoke-RestMethod in Get-BuildErrors.ps1 and Get-HelixLogs.ps1. 2) Boundary markers: No specific delimiters or instructions are used to separate external log content from system instructions. 3) Capability inventory: The skill can execute local PowerShell scripts and the GitHub CLI (gh). 4) Sanitization: Log data undergoes basic string cleaning and regex-based filtering before display.
- [Communication with Well-Known Services]: The scripts perform network requests to official Microsoft and Azure DevOps domains (dev.azure.com and helix.dot.net) to retrieve build metadata and logs. These are trusted infrastructure components for the development environment.
- [Tool and Script Execution]: The skill uses pwsh to run its internal PowerShell scripts and leverages the gh CLI for repository interactions. This is a standard approach for developer-oriented automation tasks.
Audit Metadata