azure-devops

SKILL.md

Azure DevOps Pipelines Code Review Rules

Security (Critical)

  • Use service connections with minimal permissions
  • Store secrets in Variable Groups linked to Key Vault
  • Use secure files for certificates/keys
  • Enable branch policies for protected branches
  • Require approvals for production environments
  • Scan pipeline YAML for hardcoded secrets/credentials
  • Review inline scripts for command injection, unsafe variable expansion, and commonly exploited patterns
  • Consider using static analysis tools for script security
  • Avoid echoing secrets in script output
  • Use credential scanning tools in PR validation
  • Validate compile-time template expressions (${{ }}) to prevent injection during pipeline parsing; avoid direct user input in template expansion
  • Sanitize runtime variables ($()) before using in scripts to prevent command injection; never interpolate untrusted data into script commands
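As an added example (not part of the skill's own files), a small review check for the last two rules: it flags `$(var)` and `${{ }}` expansions that appear directly inside inline script bodies, and accepts the same values when they are mapped through `env:` and read as shell variables. The sample pipeline, its step names and `parameters.target` are constructed for illustration.

```python
import re

# Constructed sample pipeline (not from the page); names are hypothetical.
SAMPLE = """\
steps:
- script: |
    echo "Building $(Build.SourceBranchName)"
    ./deploy.sh ${{ parameters.target }}
  displayName: unsafe
- script: |
    echo "Building $BRANCH"
    ./deploy.sh "$TARGET"
  env:
    BRANCH: $(Build.SourceBranchName)
    TARGET: ${{ parameters.target }}
  displayName: safe
"""

SCRIPT_KEY = re.compile(r"^(\s*)(?:-\s*)?(script|bash|pwsh|powershell):\s*(.*)$")
# Macro syntax $(name) or template expression ${{ ... }}. A one-word shell
# command substitution such as $(pwd) also matches and needs manual review.
EXPANSION = re.compile(r"\$\(\s*[A-Za-z_][\w.]*\s*\)|\$\{\{.*?\}\}")

def find_inline_expansions(yaml_text):
    """Return (line_no, expression) for each expansion inside an inline script."""
    findings, body_col = [], None
    for no, line in enumerate(yaml_text.splitlines(), 1):
        if not line.strip():
            continue  # blank lines do not end a block scalar
        m = SCRIPT_KEY.match(line)
        if m:
            rest = m.group(3)
            block = rest[:1] in ("|", ">")          # multi-line script body follows
            body_col = m.start(2) if block else None
            text = "" if block else rest            # one-line script: scan it now
        else:
            indent = len(line) - len(line.lstrip())
            if body_col is not None and indent <= body_col:
                body_col = None                     # dedent: script body ended
            text = line if body_col is not None else ""
        findings += [(no, expr) for expr in EXPANSION.findall(text)]
    return findings

if __name__ == "__main__":
    for no, expr in find_inline_expansions(SAMPLE):
        print(f"line {no}: {expr} is expanded into the script text; map it via env: instead")
```

The check is line-based and does not parse YAML, so it is suited to PR validation as a first-pass filter rather than a complete analysis.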
Installs: 3
First Seen: Jan 29, 2026
azure-devops — yldgio/anomalyco