Enable AI agents to securely access Azure DevOps with per-user authentication.
The material describes a multi-user wrapper around Azure DevOps MCP that authenticates per user and interacts with Azure DevOps using isolated PATs. Although the top-level metadata says no secrets and no remote endpoints, the description clearly implies per-user auth and external service access, so the inconsistency warrants caution rather than an automatic high-risk rating.
The description explicitly mentions per-user authentication and isolated PATs, indicating likely use of Azure DevOps Personal Access Tokens, which are sensitive credentials. This conflicts with the metadata claiming no secrets; token injection, storage, and isolation should be verified, but no explicit credential abuse red flag is shown in the material.
Based on its stated function, the tool would need network communication with Azure DevOps services, so some outbound traffic to relevant Microsoft endpoints is expected; this conflicts with the metadata saying no remote endpoints. The material does not show data being sent to unrelated or unknown third-party endpoints.
The system checks indicate this MCP tool can execute code or spawn processes, which is a common runtime property for MCP services. The material does not state any system-level privileges beyond its purpose, but it should still be run with least privilege and in an isolated environment.
Its core purpose is to access Azure DevOps resources on behalf of different users, implying it may handle project, work item, repository, or pipeline data. The material does not specify local file access scope, and no clearly excessive data permissions are stated, but the multi-user design makes tenant/user isolation an important point to verify.
The project has an auditable open-source repository under the MIT license, which are positive risk-reducing signals. However, it comes from a third-party registry, has 0 stars, unknown maintenance status, no README, and inconsistencies between metadata and description, so supply-chain transparency is limited and the source plus dependencies should be reviewed manually.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "azure-devops-mcp" yet — see the docs or source repo.
Using the Azure DevOps tools with my current authenticated account, list my in-progress assigned work items sorted by priority. Return the title, ID, status, and due date.
A prioritized list of work items the current user can access, with key fields summarized.
Use Azure DevOps to retrieve the latest 10 build and release results for this project, highlight failures, and summarize likely causes with links.
A summary of recent build and release statuses, including failures, likely causes, and direct links.
Using my current Azure DevOps permissions, fetch the branch list, recent commits, and current pull request summary for the specified repository.
A repository overview the current user is allowed to access, including branches, commits, and pull requests.
Connect AI to Azure DevOps to manage projects, repos, work items, and pipelines.
Connect AI to on-prem Azure DevOps for repos, PRs, work items, and wikis.
Interact with Azure DevOps projects, work items, repos, and pipelines via natural language.
Connect AI to Azure DevOps to manage work items, repos, and pipelines.
Lets AI manage Azure DevOps projects, repos, work items, PRs, and pipelines.
Use natural language to query and operate Azure DevOps Server resources.