CtrlK
BlogDocsLog inGet started
Tessl Logo

entra-app-registration

Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration. USE FOR: create app registration, register Azure AD app, configure OAuth, set up authentication, add API permissions, generate service principal, MSAL example, console app auth, Entra ID setup, Azure AD authentication. DO NOT USE FOR: Azure RBAC or role assignments (use azure-rbac), Key Vault secrets (use azure-keyvault-expiration-audit), general Azure resource security guidance.

64

Quality

78%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

Fix and improve this skill with Tessl

tessl review fix ./.github/plugins/azure-skills/skills/entra-app-registration/SKILL.md
SKILL.md
Quality
Evals
Security

Quality

Content

57%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is a well-structured overview with strong progressive disclosure and a clear Step 1–5 sequence, but it pads in concept explanations Claude already knows, keeps executable MSAL code only in references, and omits validation checkpoints for credential/permission operations.

Suggestions

Trim the Overview paragraph and the Key Concepts / Application Types tables, which restate concepts Claude already knows; keep only non-obvious Entra-specific guidance.

Add explicit validation checkpoints to the Core Workflow (e.g., after Step 1 verify with `az ad app show`, after Step 4 test the credential before proceeding) since app/credential/permission changes are config-altering.

Inline a minimal copy-pasteable MSAL snippet in Step 5 (or a short per-language example) so the core 'implement OAuth flow' step is actionable without following a link, and either link the orphan auth-best-practices.md or remove it.

DimensionReasoningScore

Conciseness

The Overview paragraph ('Microsoft Entra ID ... is Microsoft's cloud-based ... IAM service') and the Key Concepts / Application Types tables explain concepts Claude already knows (what a client secret or redirect URI is), which is padding; not level 3 because not every token earns its place, and not level 1 because the body is mostly structured pointers rather than a verbose wall.

2 / 3

Actionability

Concrete guidance exists (numbered portal steps, an `az ad app create`-style CLI command table, specific Graph scopes like `User.Read`), but the core 'Implement OAuth Flow' step only points to references with no inline executable MSAL code; not level 3 because it is not copy-paste ready end-to-end, and not level 1 because concrete commands and steps are present.

2 / 3

Workflow Clarity

The Core Workflow is clearly sequenced Step 1–5, but credential creation, API permission grants, and service-principal creation are config-changing operations with no validation/verification checkpoints (e.g., confirm the app exists, test credentials before proceeding); per the rubric this caps the score at 2 rather than 3.

2 / 3

Progressive Disclosure

The body is a lean overview pointing to well-signaled one-level-deep references (cli-commands.md, oauth-flows.md, etc.), all of which resolve to real files, with dedicated References and SDK Quick References sections for navigation; not level 2 because content is appropriately split and easy to navigate. The unreferenced orphan auth-best-practices.md is a minor blemish that does not undermine the overall structure.

3 / 3

Total

9

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is excellent: third-person, concrete, dense with natural trigger terms, and explicitly scoped with both USE FOR and DO NOT USE FOR guidance. It cleanly distinguishes itself from neighboring Azure skills.

DimensionReasoningScore

Specificity

Uses third-person voice ('Guides Microsoft Entra ID app registration, OAuth 2.0 authentication, and MSAL integration') and lists multiple concrete actions (registration, OAuth config, MSAL integration), matching the 'lists multiple specific concrete actions' anchor; not level 2 because actions are comprehensive rather than partial.

3 / 3

Completeness

Clearly states what the skill does and adds an explicit 'USE FOR:' when-clause, answering both what and when with explicit triggers; not level 2 because the when is explicit rather than implied.

3 / 3

Trigger Term Quality

The 'USE FOR:' clause packs natural user phrasings ('create app registration', 'register Azure AD app', 'configure OAuth', 'MSAL example', 'console app auth', 'Entra ID setup') with both Entra ID and Azure AD variants, giving good coverage of terms users would say; not level 2 because common variations are present.

3 / 3

Distinctiveness Conflict Risk

A 'DO NOT USE FOR' block explicitly redirects Azure RBAC to azure-rbac and Key Vault secrets to azure-keyvault-expiration-audit, carving a clear niche unlikely to conflict; not level 2 because sibling-skill disambiguation is explicit.

3 / 3

Total

12

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

relative_links

Relative link issues: 8 deeper-than-1-level

Warning

referenced_paths_exist

Referenced path issues: 8 deeper-than-1-level

Warning

Total

14

/

16

Passed

Repository
microsoft/azure-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.