ado-install
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell and PowerShell commands to configure environment variables and system settings. These operations are strictly limited to the functional requirement of making the Azure DevOps credentials available to the Cursor application.\n- [EXTERNAL_DOWNLOADS]: Fetches the official
@azure-devops/mcppackage vianpxfrom the NPM registry and performs connectivity tests against official Azure DevOps API endpoints (dev.azure.com).\n- [DATA_EXFILTRATION]: While the skill accesses the stored Personal Access Token (PAT), it does so exclusively to verify connectivity with the official Azure DevOps API. The instructions explicitly direct the agent not to request or store the token within the chat context.
Audit Metadata