azure-devops-cli
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides users to install the official Microsoft `azure-devops` extension for the Azure CLI using `az extension add --name azure-devops`. This is a trusted and well-known service reference.
- [COMMAND_EXECUTION]: Multiple automation examples in `examples/workflows/` and `SKILL.md` provide bash scripts that execute complex CLI operations. Notably, the release validation script in `examples/workflows/release-management.md` uses the `eval` command to dynamically execute diagnostic checks stored in variables.
- [PROMPT_INJECTION]: The skill describes workflows that ingest untrusted data from the Azure DevOps environment (such as pull request titles, commit messages, and work item descriptions) and interpolate that data into shell commands or scripts.
  - Ingestion points: Data entering through `git log`, `az repos pr list`, and `az boards query`. (File: `examples/workflows/release-management.md`, `examples/repos-reference.md`)
  - Boundary markers: Absent; data is directly interpolated into command strings or bash variables without delimiters or instructions to ignore embedded content.
  - Capability inventory: The skill includes commands for file system access (`git clone`), triggering pipeline runs (`az pipelines run`), and modifying repository objects. (File: `SKILL.md`, `examples/workflows/ci-cd-automation.md`)
  - Sanitization: Absent; the scripts do not perform escaping, validation, or filtering of the strings retrieved from the Azure DevOps API before execution.
Audit Metadata