jjjermiah/azuredevops-pipelines-logging
src/dot-agents/skills/azuredevops-pipelines-logging/SKILL.md
Azure DevOps Pipelines logging-command guidance for reliable script-to-agent signaling, variable passing, and log UX. Use when writing or debugging `##vso[...]` and `##[...]` commands in YAML/Bash/PowerShell pipelines, troubleshooting output variable scope, handling secrets and masking behavior, or publishing summaries/artifacts from scripts. Pair with `azuredevops-pipelines-template` when template architecture and logging semantics are both in scope.
$ install --global
skillsauthnpx skillsauth add jjjermiah/dotagents azuredevops-pipelines-loggingInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 3:49 PM136.0s4 files scanned
SKILL.md
- name:
- azuredevops-pipelines-logging
- description:
- Azure DevOps Pipelines logging-command guidance for reliable script-to-agent signaling, variable passing, and log UX. Use when writing or debugging `##vso[...]` and `##[...]` commands in YAML/Bash/PowerShell pipelines, troubleshooting output variable scope, handling secrets and masking behavior, or publishing summaries/artifacts from scripts. Pair with `azuredevops-pipelines-template` when template architecture and logging semantics are both in scope.
Azure DevOps Logging
Purpose
Produce correct, debuggable Azure DevOps logging commands from scripts without silent parser failures. Ensure variable flow, task outcomes, and log readability work predictably across jobs and stages.
Scope Boundary
- Own script-to-agent signaling, task-state updates, and log formatting.
- Own command correctness, escaping, and variable handoff syntax.
- Do not own pipeline topology, trigger strategy, or template API design.
Pairing Contract with azuredevops-pipelines-template
Use both skills together for full pipeline quality:
azuredevops-pipelines-templatedecides compile-time structure, typed template contracts, and PR-versus-main topology.azuredevops-pipelines-loggingimplements script-level state signaling:task.setvariable,task.logissue,task.complete, summaries, and tags.- Keep boundary explicit: template skill chooses where data should flow; logging skill chooses how command lines implement that flow safely.
Core Rules
-
Treat Azure DevOps script output as two distinct families:
log-formattingcommands:##[...]lines that only change how logs look.agent-actioncommands:##vso[...]lines that change pipeline state.
-
When deciding a command, classify intent first:
- "I want logs easier to read" -> use
##[...]only. - "I want to change variables/status/build metadata/artifacts" -> use
##vso[...].
- "I want logs easier to read" -> use
-
Use exact command formats only:
##vso[area.action property=value;...]message##[group|warning|error|section|debug|command|endgroup]message
-
Use absolute paths for file-based commands (
uploadsummary,uploadfile, artifact/build upload commands). -
Do not emit logging commands while Bash xtrace is enabled (
set -x). Disable around the command, then restore. -
Never print secrets directly. Use environment variables and masking commands. Assume secret substrings are not masked.
-
For values that may contain
%,\n,\r,;, or], escape first.
Workflow
- Classify goal: log formatting, task control, variable exchange, artifact/summary publishing, or metadata update.
- Choose minimal command and scope (same step, same job, future job, stage).
- Build command string with required properties only.
- Escape payload if dynamic/user-controlled.
- Emit via
echo(Bash) orWrite-Host(PowerShell). - Verify in run logs/timeline: parser accepted command, expected downstream behavior appears.
High-Value Patterns
Safe Escaping for task.setvariable
Use this when value may include newline, carriage return, or percent.
escape_azdo_value() {
local data="$1"
data="${data//'%'/'%AZP25'}"
data="${data//$'\n'/'%0A'}"
data="${data//$'\r'/'%0D'}"
printf '%s' "$data"
}
echo "##vso[task.setvariable variable=myVar;isOutput=true]$(escape_azdo_value "$VALUE")"
Temporary xtrace Disable
{ set +x; } 2>/dev/null
echo "##vso[task.setvariable variable=buildFlavor;]release"
set -x
Scope-Correct Variable Usage
- Same job, no
isOutput: read as$(myVar)in later steps. - Same job,
isOutput=true: set task name and read as$(TaskName.myVar). - Future job: map through
dependencies.<job>.outputs['<task>.<var>']. - Future stage: map through
stageDependencies.<stage>.<job>.outputs['<task>.<var>']. - Newly set variables are never available in the same step.
Failure Semantics
- Use
task.logissue type=errorto surface actionable message. - Use
task.complete result=Failed;for explicit task status when needed. - Use non-zero exit when script should fail immediately.
- Avoid contradictory signaling (for example, command says succeeded but script later exits non-zero).
Command Selection Quick Guide
A) Log-Formatting Commands (##[...])
Use these for human-readable logs only. They do not modify pipeline variables, build number, artifacts, or task result.
##[group]/##[endgroup]: collapsible log block.##[section]: visual section marker.##[warning]/##[error]: highlighted log lines.##[debug]: diagnostics line.##[command]: show the command being run.
B) Agent-Action Commands (##vso[...])
Use these when you need side effects in pipeline state.
task.setvariable/task.setsecret: variable and secret handling.task.logissue: timeline warning/error metadata.task.complete: explicit task result.task.setprogress: progress indicator updates.task.uploadsummary/task.uploadfile: publish summary or files.task.prependpath: update PATH for downstream steps.build.updatebuildnumber/build.addbuildtag: build metadata updates.
Fast Decision Rule
- If removing the command would only change log appearance ->
##[...]. - If removing the command would change pipeline behavior/data ->
##vso[...].
Output Contract
When this skill is used, respond with:
- Chosen logging command(s) and why.
- Copy/paste-ready Bash or PowerShell snippet.
- Correct variable reference syntax for same job/future job/stage (if relevant).
- Verification checklist (where to confirm success in logs/UI).
- Explicit note when template-level changes should be delegated to
azuredevops-pipelines-template.
References (Load on Demand)
- references/log-formatting-commands.md
- Load when the goal is readable/collapsible/highlighted logs only.
- references/agent-action-commands.md
- Load when commands need to change pipeline state (variables, status, artifacts, build/release metadata).
- references/community-gotchas.md - Load when troubleshooting parser failures, escaping edge cases, summary quirks, or inconsistent behavior seen in real pipelines.
Related Skills
jjjermiah/skill-creator
development
VerifiedTrustedCommunity
Guides creation, validation, and packaging of AI agent skills with token-efficient design, progressive disclosure patterns, and YAML frontmatter best practices. Use when building new skills, updating existing skills, validating skill structure against standards, or packaging for distribution—e.g., "create skill", "validate SKILL.md", "package skill for sharing", "check description format".
1SKILL.mdUpdated Apr 25, 2026
jjjermiah/sdk-module-investigation
tools
VerifiedTrustedCommunity
Investigate and integrate weakly documented SDK/library modules (especially Azure SDKs) into code. Use when asked to "investigate module", "SDK", "client class", or when docs are missing/weak and you need to discover APIs, models, or usage patterns to implement integration.
1SKILL.mdUpdated Apr 25, 2026
jjjermiah/script-writer
tools
VerifiedTrustedCommunity
Write production-ready one-off scripts and automation utilities with proper error handling and safety patterns. Use when developing bash automation, Python CLI tools, shell scripts, system administration scripts, or command-line batch processing—e.g., "write a script to process files", "python one-liner for data conversion", "bash automation for backups", "shell script with error handling".
1SKILL.mdUpdated Apr 25, 2026
jjjermiah/r-testing
development
VerifiedTrustedCommunity
R package testing with testthat 3rd edition. Use when writing R tests, fixing failing tests, debugging errors, or reviewing coverage—e.g., "write testthat tests", "fix failing R tests", "snapshot testing", "test coverage".
1SKILL.mdUpdated Apr 25, 2026