azure-cloud-migrate

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [Secure Identity and Authentication]: The skill enforces an 'identity-first' approach, prioritizing User Assigned Managed Identity (UAMI) and Azure RBAC over connection strings or API keys. This significantly reduces the risk of credential exposure during and after migration.
  • [Processing of External Source Code]: To perform its primary function, the skill ingests and analyzes AWS Lambda and GCP Cloud Run source code. Processing untrusted data is a potential vector for indirect prompt injection; the skill mitigates this risk by requiring an assessment report phase before any code migration occurs and by maintaining strict output directory isolation.
  • [Official Tooling and Integration]: The deployment and migration scripts rely on official, well-known CLI tools including the Azure CLI (az), Google Cloud SDK (gcloud), and Docker. These are used according to vendor recommendations to facilitate secure resource management and image migration.
  • [Infrastructure Hardening Guidance]: The documentation includes detailed requirements for complex infrastructure patterns, such as configuring RBAC roles and poison-message queues for Event Grid-sourced triggers. This ensures that migrated workloads are not only functional but also compliant with Azure security standards.
  • [User Oversight and Confirmation]: The skill incorporates mandatory ask_user checkpoints for destructive actions, such as resource modification or deployment, ensuring that the AI agent does not perform high-impact operations without explicit human authorization.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 10:00 PM