azure-hosted-copilot-sdk

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [Secure Authentication Patterns]: The skill strongly advocates for the use of managed identities and role-based access control (RBAC) in production environments, which reduces the risks associated with hardcoded credentials or long-lived secrets. It correctly distinguishes between local development credentials and production identity patterns.
  • [Source Integration]: The skill utilizes project templates from established organizations and references official development kit repositories. The use of specialized developer CLI tools for deployment and configuration follows standard cloud engineering practices.
  • [Credential Management]: The process for handling access tokens involves retrieving them via the user's authenticated CLI session and securely storing them in a managed secret vault during deployment, which is a recommended security pattern for protecting sensitive information.
  • [Command Execution]: Local CLI tools are used to perform deployment and configuration tasks, such as managing environment variables and retrieving authentication tokens. These operations are performed within the context of the user's local development environment and authenticated session.
  • [Workspace Context Ingestion]: The skill instructs the agent to read configuration or informational files from the user's workspace for context. While this is a standard practice for understanding project structure, it is noted as a potential surface for indirect prompt injection if the workspace contains untrusted content. This is managed by following the skill's structured deployment guidance.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 08:07 AM