azure-devops
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The content consists of instructional guidelines for code review. There are no attempts to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations were found. The skill actually encourages the use of secret management tools like Azure Key Vault.
- [Remote Code Execution] (SAFE): No remote scripts are downloaded or executed. The only external link is to official Microsoft documentation for Azure DevOps templates.
- [Command Execution] (SAFE): The skill contains no executable code or scripts. It specifically warns against command injection in pipeline variables.
- [Obfuscation] (SAFE): No encoded content, zero-width characters, or homoglyphs were detected.
Audit Metadata