The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill uses curl to fetch work items and pull request threads from the Azure DevOps API (dev.azure.com). As this is an official domain of a well-known service provider, these network operations are considered safe and consistent with the skill's stated purpose.- [COMMAND_EXECUTION]: The skill utilizes bash scripts and a Python helper to manage identifier resolution, data fetching, and content normalization. Analysis of the scripts (generate-handoff.sh, normalize-work-item.sh, etc.) confirms they perform legitimate logic and do not execute untrusted code or remote payloads.- [SAFE]: The skill demonstrates a strong security posture through several mechanisms:
Proactive Redaction: It includes regex-based logic to detect and redact potential secrets like Azure DevOps PATs and Bearer tokens from the content before it is emitted in the output JSON.
Least Privilege: The skill is strictly scoped to read-only operations. All API calls use the GET method, and the workflow explicitly blocks any mutation or write actions.
Content Sanitization: Work item descriptions and PR comments are processed through a Python-based HTML parser to strip tags and normalize text, reducing the risk of indirect prompt injection or layout manipulation in downstream consumers.
Secure Auth Handling: Credentials are required via environment variables (AZURE_DEVOPS_PAT) rather than hardcoding, and the skill includes checks to ensure they are not echoed or persisted.

ado-gateway