Skills
skills/novotnyllc/dotnet-artisan/dotnet-ado-build-test/Gen Agent Trust Hub

dotnet-ado-build-test

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines patterns for executing various dotnet commands and shell scripts within a CI/CD context.
  • The DotNetCoreCLI@2 task is used to run restore, build, test, and pack operations.
  • Shell scripts are used for coverage enforcement and report generation, utilizing standard tools like find, python3, and bc.
  • [EXTERNAL_DOWNLOADS]: The skill references external resources required for the build process.
  • The UseDotNet@2 task is used to download and install specific versions of the .NET SDK from Microsoft servers.
  • The dotnet tool install command is used to fetch the dotnet-reportgenerator-globaltool from the official NuGet registry, which is a well-known tool for coverage visualization.
  • References to Azure Artifacts feeds are documented using standard official URL patterns.
  • [SAFE]: The skill includes defensive programming practices and security warnings.
  • It explicitly advises using set -euo pipefail in shell scripts to ensure failures are not ignored.
  • It mandates that NuGetAuthenticate@1 must precede restore steps to avoid credential exposure.
  • Point 9 in the 'Agent Gotchas' section specifically warns against hardcoding credentials and recommends using secret variables or Azure Key Vault.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 12:09 AM