The Agent Skills Directory

Data Ingestion and Processing Considerations: The skill is designed to analyze external code and configuration files, such as AWS Lambda functions and SAM templates, to generate migration reports and converted code. While this is necessary for its purpose, processing untrusted code represents an entry point for indirect instructions.
Ingestion points: Workspace files (e.g., handler scripts, templates) are ingested during the assessment and migration phases.
Boundary markers: The instructions do not specify the use of delimiters to separate user-provided code from the agent's internal reasoning.
Capability inventory: The skill uses tools to access best practices and documentation, and it writes new files to a specific output directory in the workspace.
Sanitization: The skill focus is on code transformation without explicit mention of input sanitization or validation routines.
Identity-First Authentication: The instructions emphasize modern security practices by advocating for User Assigned Managed Identities (UAMI) and RBAC roles instead of static connection strings or API keys. This reduces the risk of credential exposure.
Human-in-the-loop Controls: A policy for destructive actions is enforced, requiring the agent to obtain user consent before deleting files, overwriting code, or deploying resources. This provides a safeguard against unintended modifications to the environment.

azure-cloud-migrate