Add Security Skills Toolkit plugin 🤖🤖🤖 #2116
🔒 PR Risk Scan Results: scanned 26 changed file(s).
🔍 Skill Validator Results (summary and full validator output collapsed).
Pull request overview
Adds a new security-skills-toolkit plugin to the Awesome Copilot marketplace, centered around an orchestrator agent that routes developers to specialized security modernization skills (managed identity/secretless-auth migrations, MSAL.js upgrade hops, and a general SFI-guided helper).
Changes:
- Introduces the `security-skills-toolkit` plugin (manifest + README) and lists it in the marketplace + generated docs.
- Adds the `sst-security-skills-orchestrator` agent as the plugin entrypoint.
- Adds the `sst-*` skill set (secretless-auth migrations + MSAL.js migration router and hop skills).
Reviewed changes
Copilot reviewed 26 out of 26 changed files in this pull request and generated 21 comments.
| File | Description |
|---|---|
| `.github/plugin/marketplace.json` | Registers the new plugin in the generated marketplace index. |
| `agents/sst-security-skills-orchestrator.agent.md` | Adds the orchestrator agent definition and routing instructions. |
| `docs/README.agents.md` | Adds the orchestrator agent to generated agent documentation. |
| `docs/README.plugins.md` | Adds the plugin to generated plugin documentation. |
| `docs/README.skills.md` | Adds the new sst-* skills to generated skill documentation. |
| `plugins/security-skills-toolkit/.github/plugin/plugin.json` | Defines plugin metadata and references the agent + skills included in the plugin. |
| `plugins/security-skills-toolkit/README.md` | Provides installation and usage docs for the plugin and its capabilities. |
| `skills/sst-cognitive-secretless-auth/SKILL.md` | Skill for migrating Azure Cognitive/AI Services from API keys to Entra/managed identity. |
| `skills/sst-container-vulnerability-patching/SKILL.md` | Skill for container base-image vulnerability patching guidance grounded in public docs. |
| `skills/sst-cosmosdb-secretless-auth/SKILL.md` | Skill for migrating Cosmos DB from keys to Entra/managed identity auth. |
| `skills/sst-eventhub-secretless-auth/SKILL.md` | Skill for migrating Event Hubs from SAS/connection strings to Entra/managed identity. |
| `skills/sst-general-security-helper/SKILL.md` | General SFI-guided helper skill for concerns without a dedicated specialist skill. |
| `skills/sst-msaljs-migration/SKILL.md` | Router/orchestrator skill for MSAL.js migrations across package/version hops. |
| `skills/sst-msaljs-migration-angular-v2-to-v3/SKILL.md` | MSAL Angular v2→v3 hop guidance skill. |
| `skills/sst-msaljs-migration-angular-v3-to-v4/SKILL.md` | MSAL Angular v3→v4 hop guidance skill. |
| `skills/sst-msaljs-migration-angular-v4-to-v5/SKILL.md` | MSAL Angular v4→v5 hop guidance skill. |
| `skills/sst-msaljs-migration-browser-v2-to-v3/SKILL.md` | MSAL Browser v2→v3 hop guidance skill. |
| `skills/sst-msaljs-migration-browser-v3-to-v4/SKILL.md` | MSAL Browser v3→v4 hop guidance skill. |
| `skills/sst-msaljs-migration-browser-v4-to-v5/SKILL.md` | MSAL Browser v4→v5 hop guidance skill. |
| `skills/sst-msaljs-migration-node-v2-to-v3/SKILL.md` | MSAL Node v2→v3 hop guidance skill. |
| `skills/sst-msaljs-migration-node-v3-to-v5/SKILL.md` | MSAL Node v3→v5 hop guidance skill. |
| `skills/sst-msaljs-migration-react-v3-to-v5/SKILL.md` | MSAL React v3→v5 hop guidance skill. |
| `skills/sst-redis-secretless-auth/SKILL.md` | Skill for migrating Azure Cache for Redis from access keys to Entra/managed identity. |
| `skills/sst-servicebus-secretless-auth/SKILL.md` | Skill for migrating Azure Service Bus from SAS/connection strings to Entra/managed identity. |
| `skills/sst-sql-secretless-auth/SKILL.md` | Skill for migrating Azure SQL from SQL auth to Entra/managed identity. |
| `skills/sst-storage-secretless-auth/SKILL.md` | Skill for migrating Azure Storage from shared keys to Entra/managed identity. |
…github.com/harrider/awesome-copilot into harrider/skill/add-security-skills-toolkit
| ## Who You Are | ||
| You are the **Security Skills Orchestrator** — a collaborative partner, not a script executor. |
| You are the **Security Skills Orchestrator** — a collaborative partner, not a script executor. | |
| You are the **Security Skills Orchestrator** — a collaborative partner. |
This captures the identity piece, I think it is enough. I've had some cases where wording like "not a script executor" caused the model to limit itself.
| **You do NOT own:** Code changes (skills own that). Portal navigation (developer owns that with skill guidance). | ||
| **The one rule:** You are a ROUTER. You classify the developer's concern, explain context, and hand off to skills for code changes. The skills (including `sst-general-security-helper`) are the ones who propose and apply fixes alongside the developer. |
This conflicts with the output control section which was also "the one rule"
| ### Explanation-first edit gate (binds every skill you route to) | ||
| Routing to a skill does **not** authorize it to edit. Every skill you hand off to starts in **explanation mode** and stays there until the developer **explicitly asks for changes**. This gate is yours to enforce — a skill running its own procedural steps does not lift it. |
Isn't this just friction against the built-in permissions in most harnesses? Why would this agent ask for read or write when the harness is also going to ask and enforce?
The other point being that the harness's checks are deterministic.
| Ask the developer to describe their security concern. They might say: | ||
| - "I need to migrate my storage account to managed identity" | ||
| - "I have a container vulnerability I need to patch" | ||
| - "My app uses an old version of MSAL.JS" | ||
| - "I want to improve my app's authentication security" | ||
| - Something more general or vague | ||
| If the concern is vague, ask clarifying questions to understand: | ||
| - What Azure service or technology is involved? | ||
| - What's the current authentication/security pattern? | ||
| - What's the target state they want to reach? |
| Ask the developer to describe their security concern. They might say: | |
| - "I need to migrate my storage account to managed identity" | |
| - "I have a container vulnerability I need to patch" | |
| - "My app uses an old version of MSAL.JS" | |
| - "I want to improve my app's authentication security" | |
| - Something more general or vague | |
| If the concern is vague, ask clarifying questions to understand: | |
| - What Azure service or technology is involved? | |
| - What's the current authentication/security pattern? | |
| - What's the target state they want to reach? | |
| Ask the developer to describe their security concern. If the concern is vague, ask clarifying questions to understand: | |
| - What Azure service or technology is involved? | |
| - What's the current authentication/security pattern? | |
| - What's the target state they want to reach? |
This should be sufficient here. No? The other lines are a very limited subset of possible inputs; I don't think that is going to help much.
| When a developer first interacts with you, display this welcome: | ||
| ``` | ||
| 🛡️ Security Skills Toolkit |
This needs to be more clear on what it supports. If I ask questions about AWS this isn't going to be helpful. Call out that it is focused around Azure
| ✅ Scan your source code for relevant patterns and configurations | ||
| ✅ Propose changes based on public Microsoft security documentation | ||
| ❌ NOT make any changes without your explicit approval | ||
| ❌ NOT send your code to any external service |
This isn't so clear; it depends on what model provider and play they are using. Make it more clear that this is scoped to this agent / skills.
| Then route to `sst-general-security-helper` with the developer's choice and context. | ||
| ### Context Passed to Skills |
This confuses me a bit, skills are loaded into the current context, they already have all of this unless it is routed through a sub agent.
| **You do NOT own:** Code changes (skills own that). Portal navigation (developer owns that with skill guidance). | ||
| **The one rule:** You are a ROUTER. You classify the developer's concern, explain context, and hand off to skills for code changes. The skills (including `sst-general-security-helper`) are the ones who propose and apply fixes alongside the developer. |
This confuses me. The agent stays the same when the skill is being executed. Skills don't "propose and apply fixes", skills only provide instructions and context to the agent
| - {relevant Azure service documentation} | ||
| ### Next Steps | ||
| 1. Review the changes — the skill did its best, but you know your codebase best |
Please run a markdown linter over all of the new files. Headings should have a newline after them.
| You are the developer's **first stop** on the way to the right specialist — and more than that, you're their partner in improving their application's security posture. Your accurate classification of concerns and correct routing to skills ensures developers get the right guidance. Take care in your analysis — a misrouted concern can cause wasted effort and frustration. | ||
| **Remember:** | ||
| - You are a ROUTER, not a REMEDIATOR — skills do the actual work |
| @@ -0,0 +1,335 @@ | |||
| # Security Skills Toolkit | |||
This doesn't follow the conventions in this repo, check out some of the other plugins, but the structure is roughly this and much more terse.

```markdown
# Plugin name

One line description

## What's in the plugin

### Custom agent

### Skills

## Prerequisites

## Usage

## License

MIT
```
| ## Overview | ||
| This skill helps you migrate Azure Cognitive Services and Azure AI Services from API key-based authentication to Microsoft Entra ID (Managed Identity) — a security best practice aligned with [**Pillar 1: Protect identities and secrets**](https://learn.microsoft.com/en-us/security/zero-trust/sfi/secure-future-initiative-identity-overview) of Microsoft's [Secure Future Initiative](https://learn.microsoft.com/en-us/security/zero-trust/sfi/secure-future-initiative-overview) and [Zero Trust principles](https://learn.microsoft.com/security/zero-trust/). |
| This skill helps you migrate Azure Cognitive Services and Azure AI Services from API key-based authentication to Microsoft Entra ID (Managed Identity) — a security best practice aligned with [**Pillar 1: Protect identities and secrets**](https://learn.microsoft.com/en-us/security/zero-trust/sfi/secure-future-initiative-identity-overview) of Microsoft's [Secure Future Initiative](https://learn.microsoft.com/en-us/security/zero-trust/sfi/secure-future-initiative-overview) and [Zero Trust principles](https://learn.microsoft.com/security/zero-trust/). | |
| This skill helps you migrate Azure Cognitive Services and Azure AI Services from API key-based authentication to Microsoft Entra ID (Managed Identity) — a security best practice aligned with [**Pillar 1: Protect identities and secrets**](https://learn.microsoft.com/security/zero-trust/sfi/secure-future-initiative-identity-overview) of Microsoft's [Secure Future Initiative](https://learn.microsoft.com/security/zero-trust/sfi/secure-future-initiative-overview) and [Zero Trust principles](https://learn.microsoft.com/security/zero-trust/). |
Here, but in all of the links, don't use the en-us locale, let the website decide on that.
| --- | ||
| ## Step-by-Step Guide |
| using Azure.AI.TextAnalytics; | ||
| var endpoint = new Uri("https://your-service.services.ai.azure.com/"); | ||
| var credential = new ManagedIdentityCredential(); // ✅ Managed Identity |
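Review bot: `var credential = new ManagedIdentityCredential();` uses the parameterless constructor, which binds the sample to a system-assigned identity and fails with a credential-unavailable error on a developer machine where no managed identity endpoint exists; since the skill is meant to guide code that runs both locally and in Azure, suggest `DefaultAzureCredential` (or, where a user-assigned identity is required, passing its client id to `ManagedIdentityCredential`) so the same snippet works in both environments.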
this technically compiles, but is not what we should be suggesting people use: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/src/Identity/Credentials/ManagedIdentityCredential.cs#L55
Just leaving the one comment here, but please fix in all locations.
| - **No digest pinning**: Not using `FROM image@sha256:...` for reproducibility | ||
| - **Unversioned package installs**: `RUN pip install requests` without version pinning | ||
| - **Stale base images**: Tags that may be significantly behind current patches | ||
| - **No security update layer**: No `RUN apt-get update && apt-get upgrade` or equivalent |
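Review bot: the "No security update layer" item recommends `RUN apt-get update && apt-get upgrade`, but that pulls whatever package versions are current at build time and so defeats the reproducibility the "No digest pinning" item two lines above asks for; suggest rewording it toward rebuilding from a freshly patched, digest-pinned base image (or upgrading only the named vulnerable package to a pinned version) and noting that a blanket `apt-get upgrade` inside the Dockerfile makes builds non-reproducible.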
This is missing one of the most important: use images with the smallest surface area. e.g. distroless when possible. chiseled in ubuntu, etc
| ```dockerfile | ||
| FROM <base-image-registry>/<base-image>:<base-image-tag> | ||
| # Custom layers: Install or update packages |
| # Custom layers: Install or update packages | |
| # Custom layers: Install or update packages if needed |
| 3. **Identify the package manager and ecosystem**: | ||
| - Debian/Ubuntu: `apt-get`, `apt` | ||
| - RHEL/CentOS: `yum`, `dnf` |
| - RHEL/CentOS: `yum`, `dnf` | |
| - RHEL/CentOS: `yum`, `dnf` | |
| - Azure Linux: `tdnf` |
| **After (Remediated)**: | ||
| ```dockerfile | ||
| FROM ubuntu:20.04 |
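Review bot: the remediated example `FROM ubuntu:20.04` pins by tag only, which the same skill flags as a finding under "No digest pinning"; suggest writing the after state as `FROM ubuntu:<tag>@sha256:<digest>` with an obviously placeholder digest, so the example demonstrates the practice the skill recommends rather than the pattern it tells the developer to fix.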
We shouldn't use a version of ubuntu that is out of support as the example
If you update, the package would be libssl3 in newer versions.
| ## 🔍 Troubleshooting | ||
| ### Dockerfile Retrieval Issues |
This doesn't seem like it should be needed? This isn't novel information for an agent
| **Error handling:** If `System.Data.SqlClient` is detected instead of `Microsoft.Data.SqlClient`, halt the Entra auth migration and report: "System.Data.SqlClient does not support MI. Switch to Microsoft.Data.SqlClient 5.2.2+ first" (source: Step 5 driver prerequisites table). | ||
| --- |
This is a massive skill, best practice is the file should be around ~400-500 lines max and the rest gets split into resources/ as needed
| ```bash | ||
| # Example: enable server-level auditing to a storage account | ||
| az sql server audit-policy update \ |
| @@ -0,0 +1,359 @@ | |||
| --- | |||
| name: sst-redis-secretless-auth | |||
| description: 'Helps you migrate Azure Cache for Redis from access key authentication to Microsoft Entra ID (Managed Identity) authentication — eliminating shared secrets and aligning with identity-based security best practices.' | |||
Does this also cover Azure Managed Redis? They are different services.
Pull Request Checklist

- `npm start` and verified that `README.md` is up to date.
- `staged` branch for this pull request.

Description

Adds the security-skills-toolkit plugin — an AI-powered helper for developers modernizing the security posture of Azure-based applications. A developer describes a security concern in plain language, and an orchestrator agent routes to a specialist skill that pulls relevant public Microsoft documentation and helps plan/apply changes, with the developer in control throughout.

The plugin ships 1 agent + 19 skills (all prefixed `sst-`):

- `sst-security-skills-orchestrator` — classifies a concern and routes to the right skill.
- `sst-storage-secretless-auth`, `sst-sql-secretless-auth`, `sst-cosmosdb-secretless-auth`, `sst-redis-secretless-auth`, `sst-eventhub-secretless-auth`, `sst-servicebus-secretless-auth`, `sst-cognitive-secretless-auth` — move from keys/SAS/passwords to Microsoft Entra managed identity.
- `sst-msaljs-migration` router plus 9 version-hop skills (browser/Angular/Node/React).
- `sst-container-vulnerability-patching`.
- `sst-general-security-helper` for concerns without a dedicated skill.

All guidance is grounded in publicly available Microsoft documentation (Entra/managed identity, MSAL.js, SFI/Zero Trust).

Type of Contribution

Additional Notes

- `staged`: the plugin folder contains only `.github/plugin/plugin.json` + `README.md`; the agent lives in top-level `agents/` and the 19 skills in top-level `skills/`, referenced declaratively from `plugin.json` (CI materializes them on publish).
- `.github/plugin/marketplace.json` and `docs/README.{agents,plugins,skills}.md` (`npm run build` produces no further diff).
- `npm run plugin:validate` → security-skills-toolkit is valid; all 19 `sst-*` skills pass `npm run skill:validate`.
- (`copilot plugin install`): the orchestrator agent is discoverable/selectable and routes correctly to the `sst-` skills (tested MSAL.js migration and storage secretless-auth).
- author: "Awesome Copilot Community".