azure-devops
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Employs
gitandcurlto perform repository management and API tasks as specified in the skill instructions. - [DATA_EXFILTRATION]: Accesses the
AZURE_DEVOPS_TOKENenvironment variable for authentication. It directs all network traffic to officialdev.azure.comendpoints and providing instructions for local credential configuration through standard git commands. - [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where the agent processes external data from Azure DevOps (ingestion points) and has write capabilities (capability inventory), though this is characteristic of the skill's integration purpose rather than a malicious pattern.
Audit Metadata