azure-validate

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • Infrastructure Validation: The skill executes commands to validate Bicep and Terraform configurations, such as az deployment validate and terraform plan, ensuring syntax and deployment logic are correct.
  • Authentication and Configuration Checks: It verifies Azure account status and environment variables (using az account show and azd env get-values) to prevent deployment failures due to misconfiguration.
  • Policy and Role Verification: The skill includes checks for Azure Policy compliance and RBAC role assignments, verifying that identities have the necessary data-plane permissions (e.g., 'Storage Blob Data Contributor').
  • Project-Specific Validation: For .NET Aspire and Azure Functions projects, it performs targeted checks for secret storage and container registry configuration.
  • Indirect Prompt Injection Surface: The skill ingests data from local project files, including azure.yaml and infrastructure templates (ingestion points). Its instructions place no explicit boundary markers around these file reads. The skill can execute shell commands and modify local deployment plans (capability inventory). Sanitization and validation are delegated to the underlying CLI tools, such as azd and terraform (sanitization).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 10:05 PM