azure-devops

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires runtime fetching of remote Markdown from Microsoft Docs (e.g. https://learn.microsoft.com/en-us/azure/devops/managed-devops-pools/diagnostics?view=azure-devops) via the mcp_microsoftdocs or fetch_webpage tools and will inject that fetched content into the agent context to drive responses, so the external URL is a runtime dependency that directly controls prompts.