a5c-ai/azure-security-scanner
library/specializations/security-compliance/skills/azure-security-scanner/SKILL.md
Azure security configuration scanning and hardening using Azure Security Center, Azure Policy, and ScoutSuite
$ install --global
skillsauthnpx skillsauth add a5c-ai/babysitter azure-security-scannerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 2, 2026, 1:59 PM56.2s2 files scanned
SKILL.md
- name:
- azure-security-scanner
- description:
- Azure security configuration scanning and hardening using Azure Security Center, Azure Policy, and ScoutSuite
Azure Security Scanner Skill
Purpose
Automated Azure security configuration scanning and hardening to identify misconfigurations, compliance violations, and security risks across Azure subscriptions and tenants.
Capabilities
Azure Security Center Assessments
- Run Microsoft Defender for Cloud security assessments
- Check secure score and recommendations
- Review security alerts and incidents
- Validate just-in-time VM access
- Check adaptive application controls
- Monitor regulatory compliance dashboards
Azure AD Security Analysis
- Analyze Azure AD conditional access policies
- Check MFA enforcement status
- Review privileged identity management (PIM)
- Identify risky sign-ins and users
- Analyze app registrations and service principals
- Check guest user access configurations
Network Security Group Analysis
- Review NSG rules for overly permissive access
- Check for open management ports (RDP, SSH)
- Validate application security groups
- Review Azure Firewall configurations
- Check DDoS protection status
- Analyze virtual network configurations
Storage Account Security
- Identify publicly accessible storage accounts
- Check encryption configurations (SSE, CMK)
- Review shared access signatures (SAS)
- Validate network access rules
- Check secure transfer requirements
- Review access keys rotation
Key Vault Security
- Check Key Vault access policies
- Validate network restrictions
- Review key expiration policies
- Check certificate configurations
- Verify soft-delete enablement
- Audit secret access patterns
Activity Logging Verification
- Validate Azure Activity Log configuration
- Check diagnostic settings on resources
- Review Log Analytics workspace security
- Verify Azure Monitor alert rules
- Check Azure Sentinel integration
Azure Policy Compliance
- Assess built-in policy compliance
- Check custom policy assignments
- Review policy exemptions
- Validate initiative assignments
- Generate compliance reports
Azure Services Covered
| Category | Services | |----------|----------| | Identity | Azure AD, PIM, Conditional Access | | Compute | VMs, App Services, Functions, AKS | | Storage | Storage Accounts, Blobs, Files | | Database | SQL Database, Cosmos DB, PostgreSQL | | Network | VNets, NSGs, Azure Firewall, WAF | | Security | Defender, Key Vault, Sentinel | | Monitoring | Monitor, Log Analytics, Application Insights |
Integrations
- Microsoft Defender for Cloud: Cloud security posture management
- Azure Policy: Governance and compliance
- Azure AD: Identity security
- ScoutSuite: Multi-cloud security auditing
- Azure Sentinel: SIEM and SOAR
Target Processes
- Cloud Security Architecture Review
- Compliance Monitoring
- Azure Subscription Hardening
- Security Posture Assessment
Input Schema
{
"type": "object",
"properties": {
"scanType": {
"type": "string",
"enum": ["full", "cis", "pci", "hipaa", "iso27001", "custom"],
"description": "Type of security scan"
},
"subscriptions": {
"type": "array",
"items": { "type": "string" },
"description": "Azure subscription IDs to scan"
},
"resourceGroups": {
"type": "array",
"items": { "type": "string" },
"description": "Specific resource groups to scan"
},
"services": {
"type": "array",
"items": { "type": "string" },
"description": "Specific services to scan"
},
"severityThreshold": {
"type": "string",
"enum": ["critical", "high", "medium", "low"]
},
"complianceFrameworks": {
"type": "array",
"items": {
"type": "string",
"enum": ["CIS", "PCI-DSS", "HIPAA", "ISO27001", "SOC2", "NIST"]
}
},
"includeAzureAD": {
"type": "boolean",
"description": "Include Azure AD security checks"
}
},
"required": ["scanType"]
}
Output Schema
{
"type": "object",
"properties": {
"scanId": {
"type": "string"
},
"scanTimestamp": {
"type": "string",
"format": "date-time"
},
"subscriptionsScanned": {
"type": "array"
},
"secureScore": {
"type": "object",
"properties": {
"current": { "type": "number" },
"max": { "type": "number" },
"percentage": { "type": "number" }
}
},
"summary": {
"type": "object",
"properties": {
"totalChecks": { "type": "integer" },
"passed": { "type": "integer" },
"failed": { "type": "integer" },
"warnings": { "type": "integer" }
}
},
"findingsBySeverity": {
"type": "object",
"properties": {
"critical": { "type": "integer" },
"high": { "type": "integer" },
"medium": { "type": "integer" },
"low": { "type": "integer" }
}
},
"findings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"checkId": { "type": "string" },
"severity": { "type": "string" },
"service": { "type": "string" },
"resourceId": { "type": "string" },
"description": { "type": "string" },
"remediation": { "type": "string" },
"complianceMapping": { "type": "array" }
}
}
},
"azureAdFindings": {
"type": "array"
},
"policyCompliance": {
"type": "object"
},
"recommendations": {
"type": "array",
"items": { "type": "string" }
}
}
}
Usage Example
skill: {
name: 'azure-security-scanner',
context: {
scanType: 'cis',
subscriptions: ['subscription-id-1'],
complianceFrameworks: ['CIS', 'SOC2'],
includeAzureAD: true,
severityThreshold: 'medium'
}
}
Related Skills
a5c-ai/model-card-generator
development
VerifiedTrustedCommunity
Model documentation skill for generating model cards following Google's model card framework.
680SKILL.mdUpdated Apr 28, 2026
a5c-ai/mlflow-experiment-tracker
development
VerifiedTrustedCommunity
MLflow integration skill for experiment tracking, model registry, and artifact management. Enables LLMs to log experiments, compare runs, manage model lifecycle, and retrieve artifacts through the MLflow API.
680SKILL.mdUpdated Apr 28, 2026
a5c-ai/lime-explainer
data-ai
VerifiedTrustedCommunity
LIME-based local explanation skill for individual predictions across tabular, text, and image data.
680SKILL.mdUpdated Apr 28, 2026
a5c-ai/kubeflow-pipeline-executor
devops
VerifiedTrustedCommunity
Kubeflow Pipelines skill for ML workflow orchestration, component management, and Kubernetes-native ML.
680SKILL.mdUpdated Apr 28, 2026