The Agent Skills Directory

Indirect Prompt Injection (MEDIUM): The skill is designed to ingest and process untrusted external CI/CD configuration files which poses a risk if those files contain malicious instructions for the AI agent.\n- Ingestion points: External pipeline configuration files (Jenkinsfile, GitHub Actions YAML, GitLab CI YAML) provided by users for migration.\n- Boundary markers: Absent. The skill does not define delimiters or specific instructions for the agent to ignore instructions embedded within the source configuration files.\n- Capability inventory: The skill description states it can 'execute' migrations, implying the agent may have permissions to create or modify resources within Azure DevOps environments.\n- Sanitization: Absent. No mechanisms are described for validating or filtering the content of the configuration files before the migration process.

azure-devops-migration