
azure-compliance

Run Azure compliance and security audits with azqr plus Key Vault expiration checks. Covers best-practice assessment, resource review, policy/compliance validation, and security posture checks. WHEN: compliance scan, security audit, BEFORE running azqr (compliance cli tool), Azure best practices, Key Vault expiration check, expired certificates, expiring secrets, orphaned resources, compliance assessment.

61

Quality: 71% (Does it follow best practices?)

Impact: No eval scenarios have been run

Security by Snyk: Passed. No known issues

Fix and improve this skill with Tessl

tessl review fix ./plugin/skills/azure-compliance/SKILL.md

Quality

Content

42%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The skill is well-organized as a navigation hub with good progressive disclosure to reference files, but critically lacks actionable, concrete guidance in the main body. The workflow is too abstract—steps like 'Run azqr and capture output artifacts' and 'Analyze Scan Results' provide no executable commands or specific tool invocation patterns. The content would benefit significantly from concrete examples showing actual MCP tool calls and expected outputs.

Suggestions

Add concrete examples of MCP tool invocations (e.g., show exact parameters for `mcp_azure_mcp_extension_azqr` and how to interpret its output)

Include a specific, executable example workflow showing how to check Key Vault expiration using the listed MCP tools with sample parameters and expected response structure

Add validation checkpoints to the workflow (e.g., 'Verify azqr scan completed successfully before analyzing results' with specific success indicators)

Remove or consolidate the redundant 'When to Use This Skill' and 'Skill Activation Triggers' sections into a single concise trigger list

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Conciseness | The skill includes some unnecessary sections like 'Skill Activation Triggers' which extensively lists things Claude can infer, and the 'When to Use This Skill' section largely duplicates the triggers. The tables are reasonably efficient but there's redundancy between sections. The 'Best Practices' section states obvious guidance Claude already knows. | 2 / 3 |
| Actionability | The skill provides no executable code, no concrete commands, and no specific examples of how to actually run azqr or query Key Vault expiration. The workflow is a high-level numbered list with vague steps like 'Run azqr and capture output artifacts' and 'Analyze Scan Results' without showing how. All concrete guidance is deferred to reference files that weren't provided. | 1 / 3 |
| Workflow Clarity | The 5-step workflow provides a reasonable sequence but lacks validation checkpoints, feedback loops, and concrete details. For operations involving security auditing and compliance, there's no verification step to confirm scan completion or validate results before proceeding. The priority classification table is helpful but doesn't integrate into the workflow steps. | 2 / 3 |
| Progressive Disclosure | The skill is well-structured as an overview with clear one-level-deep references to specific assessment guides (azure-quick-review.md, azure-keyvault-expiration-audit.md, azure-resource-graph.md) and SDK references. Navigation is clear with well-organized tables pointing to detailed materials. References are clearly signaled and appropriately categorized. | 3 / 3 |
| Total | | 8 / 12 |

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong skill description that clearly communicates specific capabilities (Azure compliance audits via azqr, Key Vault expiration checks), provides comprehensive trigger terms in an explicit WHEN clause, and occupies a distinct niche. The description is concise, uses third-person voice, and covers both what the skill does and when it should be selected.

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Specificity | Lists multiple specific concrete actions: 'Run Azure compliance and security audits with azqr', 'Key Vault expiration checks', 'best-practice assessment', 'resource review', 'policy/compliance validation', 'security posture checks'. These are concrete, actionable capabilities. | 3 / 3 |
| Completeness | Clearly answers both 'what' (run Azure compliance/security audits with azqr, Key Vault expiration checks, best-practice assessment, resource review, policy/compliance validation) and 'when' with an explicit 'WHEN:' clause listing trigger scenarios like compliance scan, security audit, before running azqr, etc. | 3 / 3 |
| Trigger Term Quality | Excellent coverage of natural terms users would say: 'compliance scan', 'security audit', 'Azure best practices', 'Key Vault expiration check', 'expired certificates', 'expiring secrets', 'orphaned resources', 'compliance assessment'. These are terms users would naturally use when requesting these tasks. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive with a clear niche: Azure-specific compliance and security auditing using the azqr tool plus Key Vault expiration checks. The combination of Azure, azqr, Key Vault, and compliance creates a very specific domain unlikely to conflict with other skills. | 3 / 3 |
| Total | | 12 / 12 |

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation: 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: microsoft/github-copilot-for-azure (Reviewed)
