AgentSkillsCN

azure-compliance

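Comprehensive coverage of Azure compliance and security auditing capabilities, including best practices assessment, Key Vault expiration monitoring, and resource configuration validation. Use for: compliance scan, security audit, AZQR, Azure best practices, Key Vault expiration check, compliance assessment, resource review, configuration validation, expired certificates, expiring secrets, orphaned resources, policy compliance, security posture evaluation. Do not use for: resource deployment (use Azure Deploy), cost analysis alone (use Azure Cost Optimization), active security hardening (use Azure Security Hardening), general Azure Advisor queries (use Azure Observability).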

SKILL.md
--- frontmatter
name: azure-compliance
description: |
  Comprehensive Azure compliance and security auditing capabilities including best practices assessment,
  Key Vault expiration monitoring, and resource configuration validation.
  USE FOR: compliance scan, security audit, azqr, Azure best practices, Key Vault expiration check,
  compliance assessment, resource review, configuration validation, expired certificates, expiring secrets,
  orphaned resources, policy compliance, security posture evaluation.
  DO NOT USE FOR: deploying resources (use azure-deploy), cost analysis alone (use azure-cost-optimization),
  active security hardening (use azure-security-hardening), general Azure Advisor queries (use azure-observability).

Azure Compliance & Security Auditing

Triggers

Activate this skill when the user wants to:

  • Check Azure compliance or best practices
  • Assess Azure resources for configuration issues
  • Run azqr or Azure Quick Review
  • Identify orphaned or misconfigured resources
  • Review Azure security posture
  • "Show me expired certificates/keys/secrets in my Key Vault"
  • "Check what's expiring in the next 30 days"
  • "Audit my Key Vault for compliance"
  • "Find secrets without expiration dates"
  • "Check certificate expiration dates"

Assessments

| Assessment | Reference |
|---|---|
| Comprehensive Compliance (azqr) | references/azure-quick-review.md |
| Key Vault Expiration | references/azure-keyvault-expiration-audit.md |

MCP Tools

| Tool | Purpose |
|---|---|
| mcp_azure_mcp_extension_azqr | Run azqr compliance scans |
| mcp_azure_mcp_subscription_list | List available subscriptions |
| mcp_azure_mcp_group_list | List resource groups |
| keyvault_key_list | List all keys in vault |
| keyvault_key_get | Get key details including expiration |
| keyvault_secret_list | List all secrets in vault |
| keyvault_secret_get | Get secret details including expiration |
| keyvault_certificate_list | List all certificates in vault |
| keyvault_certificate_get | Get certificate details including expiration |