api-security-review
API Security Review Skill
Performs comprehensive security reviews of Azure API Management configurations, policies, and network architecture with focus on OWASP API Security Top 10 and Azure Security Benchmark.
When to Use This Skill
Activate this skill when users need:
- Security audits: Comprehensive review of APIM configuration and policies
- Pre-deployment validation: Security checklist before production deployment
- Compliance reviews: OWASP API Top 10, Azure Security Benchmark, CIS Azure alignment
- Vulnerability assessments: Identify security gaps in authentication, network, policies
- Incident response: Review configuration after security incident
- Architecture validation: Verify VNet Internal mode, Private Link, authentication setup
Security Review Framework
More from thomast1906/github-copilot-agent-skills
drawio-mcp-diagramming
Create and edit architecture diagrams using Draw.io MCP (`drawio/create_diagram`) with reliable Azure and AWS icon rendering guidance and troubleshooting. Supports Azure2 and AWS4 icon libraries. Requires Python 3 and internet access to refresh icon catalogs (periodic, not per-run).
13architecture-design
Design Azure cloud architectures from requirements and generate High-Level Design (HLD) documentation with service selection, patterns, cost estimates, and WAF alignment. Use this when asked to design or architect Azure solutions.
13waf-assessment
Assess Azure architectures against Well-Architected Framework (WAF) five pillars - Reliability, Security, Cost Optimization, Operational Excellence, and Performance Efficiency. Provide scores and recommendations.
11azure-apim-architecture
Analyzes and explains Azure API Management architecture decisions for enterprise API marketplace implementations using VNet Internal mode, Front Door, hybrid authentication, and multi-environment strategies. Use when discussing APIM component selection, network topology, cost optimization, or comparing alternatives like workspaces vs instances, VNet Internal vs External mode, or Front Door vs Application Gateway.
11cost-optimization
Analyze Azure architectures for cost optimization opportunities, provide savings recommendations, and calculate ROI for improvements.
11apiops-deployment
Guides deployment of Azure API Management infrastructure using Infrastructure as Code (Bicep/Terraform), CI/CD pipelines (GitHub Actions/Azure DevOps), and APIOps workflows. Use when deploying APIM, creating pipelines, or implementing dev→test→prod promotion strategies.
10