Azure Compliance & Security Auditing

Name: azure-skills/azure-compliance
Author: microsoft

Share on X Share on LinkedIn Share on Bluesky

15Low

The skill enables reconnaissance of sensitive Azure Key Vault artifacts by listing and retrieving metadata for keys, secrets,

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

Azure Compliance & Security Auditing: | Property | Details | |---|---| | Best for | Compliance scans, security audits, Key Vault expiration checks | | Primary capabilities | Comprehensive Resources Assessment, Key Vault Expiration Monitoring | | MCP tools | azqr, subscription and resource group listing, Key Vault item inspection |

Actually does

This skill utilizes internal MCP tools to execute `azqr` for comprehensive Azure resource assessments, list Azure subscriptions and resource groups, and inspect Azure Key Vaults. It retrieves details, including expiration dates, for keys, secrets, and certificates within Key Vaults. It requires prior `az login` authentication and appropriate Azure permissions.

Threat Analysis

AI Agent Traps ↗Scanned 5/4/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namemicrosoft/azure-skills/azure-compliance

Registrygithub

Versioneb84d07b5490

PURLpkg:github/microsoft/azure-skills@eb84d07b5490?skill=azure-compliance

Stars849

Installs292,600

Source

Repository ↗SKILL.md ↗

SHA-2561f35685eadc0...

SHA-1c4084e39cb32...

MD58756a6adec1a...

TLSHd2a15687471d...

ssdeep96:IHFjNA5mA...

Size4,739 bytes

Install

GitHub

https://github.com/microsoft/azure-skills

292,600 installs

Claude CodeDocs

/plugin marketplace add microsoft/azure-skills

/plugin install azure-compliance@microsoft/azure-skills

Gemini CLIDocs

gemini extensions install https://github.com/microsoft/azure-skills.git --consent

Skills.shDocs

npx skills add https://github.com/microsoft/azure-skills

Assessments (1)

AI Agent Traps ↗

Access to sensitive Azure Key Vault metadatalowreconnaissance

The skill is designed to list and retrieve metadata (including expiration dates) for keys, secrets, and certificates within Azure Key Vault. This capability allows for reconnaissance of sensitive security artifacts.

100% confidenceline 65

`keyvault_key_list`, `keyvault_key_get`, `keyvault_secret_list`, `keyvault_secret_get`, `keyvault_certificate_list`, `keyvault_certificate_get`

Version History (2)

eb84d07b5490current15Low5/4/2026 3d8788273dee40Medium4/14/2026

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-compliance.svg)](https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-compliance)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/microsoft/azure-skills/azure-compliance"><img src="https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-compliance.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/microsoft/azure-skills/azure-compliance.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow