azure-devops-cli
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides utility scripts and commands for interacting with Azure DevOps pipelines, repositories, and work items. The operations are standard for DevOps automation.
- [CREDENTIALS_UNSAFE] (SAFE): The setup instructions for Personal Access Token (PAT) authentication use a clear placeholder value ('your-personal-access-token') rather than hardcoding any actual secrets.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill recommends installing the 'azure-devops' extension via the standard 'az extension add' command. This is a trusted Microsoft-provided extension.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill contains scripts that process external data from Azure DevOps (e.g., pull request lists and build statuses).
- Ingestion points: Untrusted data enters the context via 'az repos pr list' and 'az pipelines build list' commands in the provided Bash scripts.
- Boundary markers: Absent; the scripts process command-line output directly.
- Capability inventory: The skill has the capability to approve pull requests and queue new builds based on the ingested data.
- Sanitization: No explicit sanitization is performed on the data returned by the CLI, though the 'auto-approve' script limits its scope to 'dependabot/*' branches, which provides a functional constraint.
Audit Metadata