Auditing Microsoft Entra ID (Azure Active Directory) configuration to identify risky authentication policies, overly permissive role assignments, stale accounts, conditional access gaps, and guest user risks using AzureAD PowerShell, Microsoft Graph API, and ScoutSuite.
55
62%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/auditing-azure-active-directory-configuration/SKILL.md
Quality
Discovery
82%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong description with excellent specificity, rich trigger terms, and a clear distinctive niche in Azure AD security auditing. Its primary weakness is the lack of an explicit 'Use when...' clause, which would help Claude know exactly when to select this skill over others. Adding trigger guidance would elevate this from good to excellent.
Suggestions
Add an explicit 'Use when...' clause, e.g., 'Use when the user asks about Azure AD security audits, Entra ID configuration review, identity access management risks, or cloud identity posture assessment.'
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Lists multiple specific concrete actions: auditing authentication policies, identifying risky configurations, overly permissive role assignments, stale accounts, conditional access gaps, and guest user risks. Also names specific tools: AzureAD PowerShell, Microsoft Graph API, and ScoutSuite. | 3 / 3 |
| Completeness | The 'what' is well-covered with specific auditing actions and tools, but there is no explicit 'Use when...' clause or equivalent trigger guidance telling Claude when to select this skill. Per rubric guidelines, this caps completeness at 2. | 2 / 3 |
| Trigger Term Quality | Excellent coverage of natural keywords users would say: 'Entra ID', 'Azure Active Directory', 'authentication policies', 'role assignments', 'stale accounts', 'conditional access', 'guest user', 'AzureAD PowerShell', 'Microsoft Graph API', 'ScoutSuite'. These are terms a security professional would naturally use. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive with a clear niche: Microsoft Entra ID / Azure AD security auditing. The combination of specific platform (Entra ID), specific risk categories, and specific tools makes it very unlikely to conflict with other skills. | 3 / 3 |
| Total | 11 / 12 Passed | |
Implementation
42%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill excels in actionability with concrete, executable commands across all audit steps, making it immediately useful for Azure AD security assessments. However, it is significantly bloated with explanatory content Claude doesn't need (glossary definitions, tool descriptions, detailed 'when to use' guidance), and the entire content is crammed into a single file with no progressive disclosure. The workflow lacks validation checkpoints and decision points that would be important for a multi-step security audit.
Suggestions
Remove the 'Key Concepts' table entirely — Claude knows what Entra ID, Conditional Access, and legacy authentication are. Similarly trim the 'Tools & Systems' descriptions to just tool names and when to use each.
Extract the 'Common Scenarios' section and 'Output Format' into separate referenced files (e.g., SCENARIOS.md, REPORT_TEMPLATE.md) to reduce the main skill's token footprint.
Add validation checkpoints between steps, e.g., 'Verify Graph connection succeeded before proceeding' after Step 1, and decision logic like 'If Security Defaults are enabled, conditional access policies may be limited — adjust Step 3 accordingly.'
Replace the hardcoded date strings (2025-11-25, 2026-02-16) with dynamic date calculation commands to avoid time-sensitive content that will become stale.
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The skill is excessively verbose. The 'Key Concepts' table explains terms Claude already knows (what Microsoft Entra ID is, what Conditional Access is, what legacy authentication means). The 'Tools & Systems' section describes well-known tools unnecessarily. The 'When to Use' and 'Do not use' sections are overly detailed. The entire document could be cut by 40-50% without losing actionable content. | 1 / 3 |
| Actionability | The skill provides fully executable PowerShell and Azure CLI commands throughout all steps. Commands are copy-paste ready with specific Graph API endpoints, query filters, and output formatting. The code examples are concrete and directly usable. | 3 / 3 |
| Workflow Clarity | The six steps are clearly sequenced and logically ordered from enumeration through automated assessment. However, there are no validation checkpoints or feedback loops between steps — no guidance on what to do if a command fails, no verification that results are complete, and no explicit decision points (e.g., 'if Security Defaults are enabled, skip Step 3'). For a security audit involving potentially sensitive operations, this is a gap. | 2 / 3 |
| Progressive Disclosure | The content is a monolithic wall of text with no references to external files. Everything — concepts, tool descriptions, scenarios, output format — is inlined into a single long document. The Key Concepts table, Tools & Systems section, and Common Scenarios section could all be separate reference files, keeping the main skill focused on the workflow. | 1 / 3 |
| Total | 7 / 12 Passed | |
Validation
90%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 10 / 11 Passed | |
0445030