azure-hosted-copilot-sdk

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes azd init to download project templates from the official azure-samples/copilot-sdk-service repository on GitHub. This is a trusted source maintained by Microsoft.
  • [COMMAND_EXECUTION]: The instructions involve standard development and deployment commands using azd, az, gh, docker, and curl. These tools are used for their intended purposes (authentication, infrastructure management, containerization, and API testing).
  • [CREDENTIALS_UNSAFE]: The skill proactively guides users away from hardcoding secrets. It includes a dedicated reference file for Azure Authentication Best Practices, recommending ManagedIdentityCredential for production environments and DefaultAzureCredential only for local development.
  • [REMOTE_CODE_EXECUTION]: While the skill involves running a template-provided script (get-github-token.mjs), this script is part of an official Microsoft sample used to bridge GitHub CLI authentication with Azure deployment, following established patterns for azd hooks.
  • [PROMPT_INJECTION]: The skill mentions reading AGENTS.md and project source files to assist in scaffolding. While this represents an indirect prompt injection surface, it is a standard behavior for developer-focused AI tools and the skill does not exhibit any patterns of bypassing safety filters or overriding system instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 02:35 PM