Back to skill

Security audit

Azure DevOps Reports

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent read-only Azure DevOps reporting tool, but its broad trigger examples could cause stored credentials to be used for sensitive project data when the user did not clearly ask for Azure DevOps access.

Install only if you are comfortable giving this skill a read-capable Azure DevOps PAT and allowing it to generate local reports from project and work item data. Use least-privilege read scopes, keep the .env file private, and phrase requests explicitly with Azure DevOps context to avoid accidental report generation from generic team, sprint, or Excel prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
77% confidence
Finding
The workflow and invocation guidance indicate the skill may activate based on broad natural-language requests, increasing the chance of unintended execution. In a credentialed Azure DevOps context, accidental triggering could expose project metadata, team rosters, or report exports when the user did not explicitly intend to run this skill.

Vague Triggers

Medium
Confidence
91% confidence
Finding
Several example phrases are generic, such as requests to generate a report or regenerate an Excel file, and can overlap with unrelated conversation. Because this skill uses stored credentials and may default to configured project/query values, ambiguous activation could cause unintended data retrieval and local report generation without sufficiently explicit user consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.