dotnet-ado-publish
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where untrusted data (Git tag names) is interpolated into command arguments.
  - Ingestion points: Git tag names via `$(Build.SourceBranch)` and `$(Build.SourceBranchName)` in SKILL.md.
  - Boundary markers: None; the variables are used directly in shell scripts and task inputs.
  - Capability inventory: The variables influence the execution of `DotNetCoreCLI@2` and `Docker@2` tasks.
  - Sanitization: Minimal; uses shell parameter expansion without strict character validation.
- [SAFE]: Authentication is handled via Service Connections and official tasks, avoiding hardcoded secrets.
- [SAFE]: Container base images and SDK downloads are from trusted Microsoft sources.
Audit Metadata