azure-compliance
Run Azure compliance and security audits with azqr plus Key Vault expiration checks. Covers best-practice assessment, resource review, policy/compliance validation, and security posture checks. WHEN: compliance scan, security audit, BEFORE running azqr (compliance cli tool), Azure best practices, Key Vault expiration check, expired certificates, expiring secrets, orphaned resources, compliance assessment.
83
78%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./.github/plugins/azure-skills/skills/azure-compliance/SKILL.mdQuality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly identifies its domain (Azure compliance and security auditing), lists specific capabilities (azqr audits, Key Vault expiration checks, policy validation, resource review), and provides explicit trigger terms via a 'WHEN:' clause. The description is concise, uses third-person voice, and includes both tool-specific terms (azqr) and natural language terms users would employ.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'Run Azure compliance and security audits with azqr', 'Key Vault expiration checks', 'best-practice assessment', 'resource review', 'policy/compliance validation', 'security posture checks'. These are concrete, identifiable tasks. | 3 / 3 |
Completeness | Clearly answers both 'what' (run Azure compliance/security audits with azqr, Key Vault expiration checks, best-practice assessment, resource review, policy/compliance validation, security posture checks) and 'when' with an explicit 'WHEN:' clause listing trigger scenarios like 'compliance scan', 'security audit', 'BEFORE running azqr', etc. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'compliance scan', 'security audit', 'Azure best practices', 'Key Vault expiration check', 'expired certificates', 'expiring secrets', 'orphaned resources', 'compliance assessment', and the tool name 'azqr'. These are terms users would naturally use when requesting these tasks. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche: Azure-specific compliance and security auditing using the azqr tool, plus Key Vault expiration checks. The combination of Azure, azqr, Key Vault, and compliance/security terms creates a very specific domain unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
57%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is well-organized as a hub document with good progressive disclosure to reference materials, but the main body lacks concrete, executable guidance. The workflow steps are too abstract ('Run azqr and capture output artifacts') without showing actual MCP tool invocations or expected output formats. There's also some redundancy between the 'When to Use' and 'Skill Activation Triggers' sections that could be consolidated.
Suggestions
Add concrete MCP tool invocation examples in the workflow steps, e.g., show the actual call to `mcp_azure_mcp_extension_azqr` with parameters and expected output structure.
Consolidate 'When to Use This Skill' and 'Skill Activation Triggers' into a single section to reduce redundancy.
Add a validation checkpoint after step 2 (e.g., 'Verify azqr completed successfully and output file exists before proceeding to analysis') and a feedback loop for remediation verification.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill has some unnecessary sections like 'Skill Activation Triggers' which extensively lists things Claude can infer, and the 'When to Use This Skill' section overlaps significantly with triggers. The tables are reasonably efficient but there's redundancy between sections. | 2 / 3 |
Actionability | The skill lists MCP tools and references external files for detailed procedures, but the main body lacks any concrete executable commands or code examples. The workflow is described at a high level ('Run azqr and capture output artifacts') without showing actual tool invocations or expected outputs. | 2 / 3 |
Workflow Clarity | The 5-step assessment workflow provides a sequence but lacks validation checkpoints and feedback loops. For a compliance/security audit involving potentially destructive remediation steps, there are no explicit verification steps between scanning and remediation, and no error recovery loops. | 2 / 3 |
Progressive Disclosure | Excellent use of progressive disclosure with a clear overview in the main file and well-signaled one-level-deep references to detailed assessment guides, SDK references, and resource graph queries. Navigation is easy with clearly labeled reference tables. | 3 / 3 |
Total | 9 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- microsoft/azure-skills
- Commit
9d594ab
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.