Skills
skills/rjmurillo/ai-agents/pipeline-validator/Gen Agent Trust Hub

pipeline-validator

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to interact with the environment and remote services.
  • Uses az (Azure CLI) to list, trigger, and monitor pipelines, as well as fetch build logs.
  • Uses git to detect branches, commit changes, and push code back to the repository.
  • Runs dotnet build to verify code changes locally before pushing.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by consuming external build logs to drive automated code modifications.
  • Ingestion points: Build logs and timeline records retrieved via az devops invoke and pipeline status from az pipelines runs show in SKILL.md (Step 5.1).
  • Boundary markers: Absent. The skill does not use delimiters or provide instructions to the model to ignore potential instructions embedded within build logs.
  • Capability inventory: The skill has the ability to modify local source files, execute git commit, git push (Step 5.4), and trigger new pipeline runs via az pipelines run (Step 4.2).
  • Sanitization: Absent. There is no evidence of sanitization or validation of the content extracted from build logs before it influences the model's code-writing behavior.
  • [DATA_EXPOSURE]: The skill retrieves and processes build logs from Azure DevOps (microsoft.visualstudio.com). While these are official services, the logs may contain sensitive environment information or internal paths that are then processed by the AI agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 03:46 PM