dotnet-ado-publish
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill consists of documentation and YAML configuration templates for Azure DevOps pipelines.
- [EXTERNAL_DOWNLOADS]: The pipeline templates reference official Azure DevOps tasks (e.g.,
DotNetCoreCLI@2,Docker@2,NuGetCommand@2) and standard registries (NuGet.org, Azure Container Registry). These are well-known, trusted services and do not pose a security risk in this context. - [COMMAND_EXECUTION]: Includes standard shell scripts for version parsing and .NET CLI commands. These operations are restricted to environment variable manipulation and standard build processes, following safe implementation patterns.
- [CREDENTIALS_UNSAFE]: The skill explicitly advises against hardcoding secrets, recommending the use of Azure DevOps Service Connections to handle API keys and registry credentials securely.
Audit Metadata