azure-pipelines-generator
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The skill's content is purely instructional and contains no patterns intended to override agent behavior, bypass safety protocols, or leak system prompts.
- CREDENTIALS_UNSAFE (SAFE): No hardcoded API keys, tokens, or passwords were found. The provided YAML templates correctly follow best practices by referencing logical service connection names for authentication to Azure and container registries.
- DATA_EXFILTRATION (SAFE): The skill does not contain instructions to access sensitive local files (e.g., SSH keys, environment files) or transmit data to unauthorized external endpoints.
- REMOTE_CODE_EXECUTION (SAFE): While the templates describe build and deployment steps (such as npm install), these are intended for execution within a isolated CI/CD environment by the user and do not constitute remote code execution vulnerabilities for the AI agent itself.
- OBFUSCATION (SAFE): The markdown and YAML code blocks are written in plain, human-readable text with no evidence of encoding or hidden characters designed to evade detection.
Audit Metadata