integration-test-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's script and SKILL.md explicitly fetch and download published build artifacts (exception XMLs, screenshots, MEF errors, VSIX logs) from Azure DevOps (e.g., dev.azure.com/dnceng-public via Get-AzDOArtifacts/Get-AzDOArtifactZip and Invoke-ArtifactAnalysis) and then parses and interprets those untrusted, user-generated artifacts as part of its analysis, allowing their content to materially influence the agent's diagnosis and next actions.