category: Microsoft Azure DevOps Pipelines
severity: Severe
online version:

Azure.DevOps.Pipelines.Settings.SanitizeShellTaskArguments

SYNOPSIS

Project settings should enforce sanitization of shell task arguments to prevent command injection.

DESCRIPTION

Shell tasks can be used to run arbitrary commands on the agent. If the arguments are not sanitized, it is possible for a malicious actor to inject additional commands into the arguments. This can lead to the execution of malicious code on the agent.
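
The risk described above, as an added illustration that is not code from this rule or from Azure DevOps: an argument string spliced into a command line, next to an allow-list check that refuses the same input. The function names, the allow-listed character set and the sample arguments are constructed assumptions; the sanitization Azure DevOps itself applies is not described on this page.

```shell
#!/bin/sh
# Added example. Inputs are constructed; the allow-list below is an assumption
# chosen for illustration, not the rule set Azure DevOps applies.
LC_ALL=C; export LC_ALL   # keep the A-Z / a-z ranges byte-exact

# args_are_safe ARGSTRING (hypothetical helper)
# Succeeds only if every character is a letter, digit, space or one of _ . / : = -
# Anything a shell could interpret (; | & $ ( ) < > quotes, newlines) fails.
args_are_safe() {
  case "$1" in
    *[!A-Za-z0-9_./:=\ -]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Unsanitized: the argument string is spliced into a command line that a
# second shell re-parses, so shell syntax inside it is executed.
run_unsanitized() {
  sh -c "echo running-task $1"
}

# Sanitized: the same splice, but refused unless the string passes the check.
run_sanitized() {
  if ! args_are_safe "$1"; then
    echo "rejected: shell metacharacters in task arguments" >&2
    return 1
  fi
  sh -c "echo running-task $1"
}

# Constructed sample arguments: one benign, one carrying an extra command.
for a in '--configuration Release' 'Release; echo INJECTED'; do
  echo "--- arguments: $a"
  echo "unsanitized:"; run_unsanitized "$a"
  echo "sanitized:";   run_sanitized "$a" || true
done
```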

Minimum TokenType: ReadOnly

RECOMMENDATION

Consider enforcing sanitization of shell task arguments in the project settings.

LINKS