azure-governance-discovery
**ANALYSIS SKILL** — Azure Policy discovery: effective assignments (incl. MG-inherited), definitions/exemptions, effect classification, emits governance-constraints JSON. WHEN: 'Azure policy discovery', 'effective policy assignments', 'governance constraints', '04g-Governance Phase 1', 'refresh governance JSON'. DO NOT USE FOR: artifact writing, architecture mapping.
71
86%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong, well-structured skill description that clearly defines its scope, provides explicit trigger terms, and includes boundary exclusions to minimize conflict with other skills. The use of a structured format (WHEN/DO NOT USE FOR) makes it easy for Claude to determine when to select this skill. The only minor note is the use of some domain-specific abbreviations (MG-inherited) that could be slightly more explicit, but these are appropriate for the target audience.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'effective assignments (incl. MG-inherited)', 'definitions/exemptions', 'effect classification', 'emits governance-constraints JSON'. These are clearly defined, concrete capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (Azure Policy discovery with specific sub-capabilities) and 'when' (explicit WHEN clause with trigger terms). Also includes a 'DO NOT USE FOR' clause which adds further clarity on boundaries. | 3 / 3 |
Trigger Term Quality | Includes a rich set of natural trigger terms in the WHEN clause: 'Azure policy discovery', 'effective policy assignments', 'governance constraints', '04g-Governance Phase 1', 'refresh governance JSON'. These cover both natural language and project-specific identifiers users would actually say. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche around Azure Policy governance discovery. The explicit 'DO NOT USE FOR: artifact writing, architecture mapping' clause actively reduces conflict risk with adjacent skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured skill with strong actionability and excellent progressive disclosure via a two-tier reference system. The main weaknesses are moderate verbosity (design notes, some redundant explanations) and a workflow that could more explicitly define the parent agent's decision tree based on exit codes. The output contract and invocation details are precise and copy-paste ready.
Suggestions
Add an explicit step-by-step workflow showing the parent agent's actions after each exit code (e.g., 'If exit 1 (PARTIAL): surface warning to user, proceed with partial data; If exit 2 (FAILED): halt and report auth error').
Trim the 'Design Notes' section — internal implementation details about batched REST calls and Defender filtering percentages are not needed for the agent to use the skill correctly.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Generally efficient but includes some unnecessary context like the 'Design Notes' section explaining internal REST call details and the 'Replaces the legacy governance-discovery-subagent' preamble. The 'When NOT to Use' section is useful but slightly verbose. Some explanations about Defender filtering rationale could be deferred entirely to references. | 2 / 3 |
Actionability | Provides a fully executable command with clear flags table, explicit exit codes with meanings, concrete stdout JSON example, and specific test commands. The contract between script and parent agent is precisely defined with copy-paste ready invocations. | 3 / 3 |
Workflow Clarity | The skill describes a single-command invocation with clear exit codes and output contract, but lacks an explicit multi-step workflow showing what the parent agent should do after each exit code. There's no explicit validation/feedback loop — e.g., 'if exit code 1, do X; if exit code 2, do Y' — which is important for a script that can return partial or failed states. | 2 / 3 |
Progressive Disclosure | Excellent two-tier reference index with 'load-always' vs 'load-on-demand' categorization. References are clearly signaled, one level deep, and cover distinct concerns (schema, classification, envelope spec, etc.). The main SKILL.md stays at overview level and delegates appropriately. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- jonathan-vella/azure-agentic-infraops
- Commit
05d7617
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.