azure-devops

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill utilizes the keyring library to store and manage authentication tokens (OAuth or PAT) in the system's secure credential storage (e.g., Windows Credential Locker, macOS Keychain), which is a best practice for CLI tools.
  • [SAFE]: The download function in scripts/attachments.py implements a hostname whitelist check against .dev.azure.com and .visualstudio.com. This ensures that sensitive authentication headers are never sent to untrusted external domains, effectively preventing credential exfiltration via malicious URLs.
  • [SAFE]: No instances of prompt injection, code obfuscation, or unauthorized persistence mechanisms were detected. The scripts use standard Python libraries and provide transparent JSON output for all operations.
  • [SAFE]: The skill includes an inherent indirect prompt injection surface as it reads external data such as pull request descriptions and build logs. However, this is consistent with its primary purpose as a DevOps management tool, and no specific exploits or unsafe interpolations were found.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 04:10 AM