skillsSource-backedReview first Safety ✓ Privacy ✓
Azure Skills Plugin
Official Microsoft Azure Skills Plugin for coding agents, combining Azure Agent Skills, Azure MCP Server configuration, and Foundry MCP workflows for build, deploy, diagnostics, cost, compliance, AI, Kubernetes, storage, RBAC, and migration scenarios.
HarnessClaude CodeCodexWindsurfGeminiCursorCLI
Level:expertType:capability-packVerified:validated
Review first — review before installing
Open the source and read safety notes before installing.
Safety notes
- Azure Skills can guide agents through live cloud actions including infrastructure generation, validation, deployment, diagnostics, cost analysis, RBAC, Kubernetes, storage, AI services, and migration work.
- The included MCP configuration starts the Azure MCP server, which can expose structured tools across Azure services when the local account is authenticated.
- Deployment skills require plan and validation phases before live deployment. Do not skip `azure-prepare` or `azure-validate` steps when the upstream skill requires them.
- Live Azure changes can create cost, modify production resources, change access control, deploy workloads, query logs, or expose service data. Keep human review around write operations.
- For sovereign clouds, configure the Azure MCP server cloud argument explicitly instead of assuming Azure Public Cloud.
Privacy notes
- Azure work can expose subscription IDs, tenant IDs, resource group names, resource inventories, cost data, log queries, Application Insights telemetry, storage paths, RBAC assignments, model deployment names, and cloud architecture details.
- Authenticated MCP tools can read or operate on live Azure and Foundry resources according to the local account's permissions.
- Keep Azure credentials, service principals, connection strings, keys, SAS tokens, deployment outputs, logs with customer data, and private topology details out of prompts, commits, issue comments, screenshots, and shared reports.
- Review Microsoft, MCP host, model provider, and organization retention policies before routing production telemetry, cost data, or customer-sensitive resource context through an agent.
Prerequisites
- Azure account or subscription appropriate for the target work.
- Node.js 18 or newer with `npx` available, because the included MCP configuration launches `@azure/mcp` through npx.
- Azure CLI installed and authenticated with `az login` for live Azure resource work.
- Azure Developer CLI installed and authenticated with `azd auth login` for azd deployment workflows.
- A compatible plugin or skills host such as Claude Code, Codex, GitHub Copilot, Cursor, Gemini CLI, APM, VS Code, or IntelliJ IDEA.
- Explicit subscription, tenant, resource group, cloud environment, and approval boundaries before live read/write actions.
Schema details
- Install type
- package
- Reading time
- 8 min
- Difficulty score
- 86
- Troubleshooting
- Yes
- Breaking changes
- No
Source repository stats
- Scope
- Source repo
Package metadata
Skill and platform metadata
- Skill type
- capability-pack
- Skill level
- expert
- Verification
- validated
- Verified at
- 2026-06-18
Retrieval sources
https://github.com/microsoft/azure-skillshttps://raw.githubusercontent.com/microsoft/azure-skills/main/README.mdhttps://raw.githubusercontent.com/microsoft/azure-skills/main/.github/plugins/azure-skills/.mcp.jsonhttps://raw.githubusercontent.com/microsoft/azure-skills/main/.github/plugins/azure-skills/skills/azure-prepare/SKILL.mdhttps://raw.githubusercontent.com/microsoft/azure-skills/main/.github/plugins/azure-skills/skills/azure-ai/SKILL.mdhttps://raw.githubusercontent.com/microsoft/azure-skills/main/.github/plugins/azure-skills/skills/azure-cost/SKILL.mdhttps://microsoft.github.io/azure-skills/
Tested platforms
Claude CodeCodexGitHub CopilotCopilot CLICursorGemini CLIIntelliJ IDEA
| Platform | Support | Install path |
|---|---|---|
| claude-code | Native | .claude/skills/<skill-name>/SKILL.md |
| codex | Native | .agents/skills/<skill-name>/SKILL.md |
| windsurf | Native | .windsurf/skills/<skill-name>/SKILL.md |
| gemini | Native | .gemini/skills/<skill-name>/SKILL.md or .agents/skills/<skill-name>/SKILL.md |
| cursor | Adapter | .cursor/rules/<skill-name>.mdc |
| cli | Manual | AGENTS.md or tool-specific context file |
Tool listing metadata
Full copyable content
apm install microsoft/azure-skills
# Claude Code marketplace install
/plugin install azure@claude-plugins-official
# Codex marketplace install
codex plugin marketplace add microsoft/azure-skillsAbout this resource
Azure Skills Plugin
microsoft/azure-skills is Microsoft's official Azure Skills Plugin for coding
agents. It packages Azure-specific Agent Skills, Azure MCP Server configuration,
and Foundry MCP workflows so compatible agents can move from generic Azure
advice to source-backed planning, validation, diagnostics, cost review, and
deployment workflows.
The plugin is intended for multi-host use across GitHub Copilot, Copilot CLI, Claude Code, Codex, Cursor, Gemini CLI, VS Code, IntelliJ IDEA, and other compatible plugin or skill hosts.
Knowledge Freshness
The repository is active and Azure service behavior changes frequently. Azure MCP tools, Foundry MCP capabilities, plugin host support, sovereign cloud configuration, service quotas, SDKs, azd behavior, and Azure pricing can change.
Use the plugin for Microsoft-maintained workflow structure, then verify exact commands, service limits, subscription context, RBAC permissions, cloud environment, and pricing against current Azure docs and the target subscription.
Retrieval Sources
This listing is grounded in:
- The
microsoft/azure-skillsrepository README. - The plugin
.mcp.jsonthat configures Azure MCP through@azure/mcp. - Representative Azure skill files for prepare, Azure AI, and cost workflows.
- The public Azure Skills landing page.
- Current GitHub repository metadata from the Microsoft organization.
Core Workflow
Install through APM for multi-host setup:
apm install microsoft/azure-skills
For Claude Code, install the official marketplace plugin:
/plugin install azure@claude-plugins-official
For Codex, add the marketplace and install the Azure plugin through /plugins:
codex plugin marketplace add microsoft/azure-skills
The included MCP configuration starts Azure MCP with:
{
"mcpServers": {
"azure": {
"command": "npx",
"args": ["-y", "@azure/mcp@latest", "server", "start"]
}
}
}
Authenticate Azure before asking an agent to inspect or operate on live resources:
az login
azd auth login
Capability Scope
The repository currently ships Azure skills across these areas:
| Area | Representative skills |
|---|---|
| Build and deploy | azure-prepare, azure-validate, azure-deploy, azure-upgrade |
| Enterprise and platform planning | azure-enterprise-infra-planner, azure-hosted-copilot-sdk, python-appservice-deploy |
| Kubernetes and AI runway | azure-kubernetes, airunway-aks-setup |
| Diagnostics and observability | azure-diagnostics, appinsights-instrumentation, azure-resource-lookup, azure-resource-visualizer |
| Cost and quotas | azure-cost, azure-compute, azure-quotas |
| Compliance and reliability | azure-compliance, azure-reliability |
| Data and messaging | azure-storage, azure-kusto, azure-messaging |
| AI and Foundry | azure-ai, azure-aigateway, microsoft-foundry |
| Identity and access | azure-rbac, entra-app-registration, entra-agent-id |
| Migration | azure-cloud-migrate |
The README describes three capability layers:
- Azure skills for workflows, decision trees, and guardrails.
- Azure MCP Server for live Azure tooling across Azure services.
- Foundry MCP for Microsoft Foundry model, deployment, and agent workflows.
Production Rules
Use this plugin with live-cloud discipline:
- Identify the target tenant, subscription, resource group, region, and cloud environment before querying or changing Azure resources.
- Use the specific Azure skill for the job instead of generic cloud advice.
- For deployment, preserve the upstream sequence: prepare a deployment plan, validate it, then deploy.
- Keep write operations gated by user approval, especially provisioning, deletion, RBAC, production deployment, AKS, storage, networking, and model deployment changes.
- Prefer least-privilege Azure roles for the authenticated account or service principal.
- Treat cost, quota, diagnostic logs, resource inventory, and telemetry as sensitive operational data.
- For Azure China Cloud or Azure US Government, configure the Azure MCP server
--cloudargument as the README describes.
Use Cases
- Ask Claude Code to prepare and validate an Azure deployment plan before
running
azdor infrastructure commands. - Use Codex with Azure MCP to list resources, inspect diagnostics, or check resource details in a scoped subscription.
- Ask Copilot to use Azure cost skills to query spend, identify waste, or forecast budget impact.
- Use Azure AI skills for AI Search, Speech, Azure OpenAI, and Document Intelligence implementation guidance.
- Use Foundry MCP workflows for model discovery, deployment, and agent scenarios in Microsoft Foundry.
Source Review
- The README identifies
microsoft/azure-skillsas the official Azure Skills Plugin. - The README says the plugin packages Azure skills, Azure MCP Server, and Foundry MCP together.
- The README documents installation for APM, GitHub Copilot CLI, VS Code, Claude Code, Gemini CLI, Cursor, Codex CLI, and IntelliJ IDEA.
- The plugin
.mcp.jsonconfigures anazureMCP server usingnpx -y @azure/mcp@latest server start. - Representative skill files define Microsoft-authored Azure workflows such as
azure-prepare,azure-ai, andazure-cost. - The README includes prerequisites for Node.js 18+, Azure CLI authentication, and Azure Developer CLI authentication for deployment workflows.
Duplicate Review
Checked current content/skills/, content/mcp/, content/agents/,
content/tools/, open pull requests, and repository-wide content for
microsoft/azure-skills, Azure Skills Plugin, Azure skills, Azure MCP skills,
Foundry MCP skills, Azure agent skills, and related Microsoft skills entries.
Existing entries cover Microsoft Agent Skills, Microsoft Fabric Skills, Azure
MCP, and Azure DevOps MCP separately, but no dedicated Azure Skills Plugin
entry, exact source URL duplicate, target file, or open duplicate PR was found.
Disclosure
Editorial listing. No paid placement or affiliate link is used. The upstream repository is maintained by Microsoft and reports MIT license terms.
Source citations
Add this badge to your README
Show that Azure Skills Plugin is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/skills/azure-skills-plugin)How it compares
Azure Skills Plugin side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
| Field | Azure Skills Plugin Official Microsoft Azure Skills Plugin for coding agents, combining Azure Agent Skills, Azure MCP Server configuration, and Foundry MCP workflows for build, deploy, diagnostics, cost, compliance, AI, Kubernetes, storage, RBAC, and migration scenarios. Open dossier | Microsoft Agent Skills Microsoft-maintained Agent Skills, plugins, custom agents, AGENTS.md templates, and MCP configurations for Azure SDKs, Microsoft Foundry, Microsoft 365 Agents SDK, Copilot SDK, MCP server building, and cloud solution work. Open dossier | .NET Agent Skills Microsoft .NET team skill marketplace for AI coding agents working on .NET, C#, ASP.NET Core, Blazor, MAUI, diagnostics, MSBuild, NuGet, upgrades, tests, AI workflows, RAG pipelines, and C# MCP servers. Open dossier | Google Agents CLI Skills Google Agents CLI skill suite for coding agents that build, scaffold, evaluate, deploy, publish, and observe ADK agents on Gemini Enterprise Agent Platform, Agent Runtime, Cloud Run, GKE, and Google Cloud. Open dossier |
|---|---|---|---|---|
| Trust | ||||
| Install risk | Review first | Review first | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Category | skills | skills | skills | skills |
| Source | source-backed | source-backed | source-backed | source-backed |
| Author | Microsoft | Microsoft | .NET Team at Microsoft | |
| Added | 2026-06-18 | 2026-06-18 | 2026-06-18 | 2026-06-18 |
| Platforms | Claude CodeCodexWindsurfGeminiCursorCLI | Claude CodeCodexWindsurfGeminiCursorCLI | Claude CodeCodexWindsurfGeminiCursorCLIVS Code | Claude CodeCodexWindsurfGeminiCursorCLI |
| Source repo | — | — | — | — |
| Safety notes | ✓Azure Skills can guide agents through live cloud actions including infrastructure generation, validation, deployment, diagnostics, cost analysis, RBAC, Kubernetes, storage, AI services, and migration work. The included MCP configuration starts the Azure MCP server, which can expose structured tools across Azure services when the local account is authenticated. Deployment skills require plan and validation phases before live deployment. Do not skip `azure-prepare` or `azure-validate` steps when the upstream skill requires them. Live Azure changes can create cost, modify production resources, change access control, deploy workloads, query logs, or expose service data. Keep human review around write operations. For sovereign clouds, configure the Azure MCP server cloud argument explicitly instead of assuming Azure Public Cloud. | ✓Some skills guide Azure or Foundry provisioning, hosted agents, model deployments, toolboxes, workflows, storage, messaging, identity, Key Vault, monitoring, and governance tasks that can affect live cloud resources. Validate resource names, subscriptions, tenants, regions, RBAC, quotas, and costs before approving generated commands or infrastructure changes. The upstream README describes the repository as work in progress with active skill updates and expanding tests. Use skills selectively; loading all skills can dilute context and produce mixed SDK patterns. Skills and MCP configs may invoke external documentation, GitHub, browser automation, Azure CLI, azd, or SDK commands depending on the selected workflow. | ✓.NET build, test, upgrade, package, template, publish, and migration tasks can modify project files, lock files, generated code, packages, app settings, and deployment artifacts. Diagnostics skills may suggest collecting traces, dumps, counters, crash data, MSBuild binlogs, or performance profiles; collect those artifacts only with explicit approval and storage controls. MCP server skills can expose local code, files, APIs, credentials, or production services as callable tools; review tool descriptions, parameter validation, authorization, and transport choice before connecting clients. NuGet and publish workflows can push packages or artifacts to public or private feeds; verify package IDs, versions, API keys, feed targets, and release policy before publishing. Upgrade and modernization guidance should be verified against each application's framework support window, deployment target, package compatibility, and rollback plan. | ✓The skills intentionally guide agents through scaffold, eval, deploy, publish, CI/CD, infrastructure, datastore, and observability workflows that can create or modify cloud resources. Deployment and infrastructure commands may provision service accounts, IAM bindings, Terraform resources, Cloud Run services, Agent Runtime deployments, GKE resources, Artifact Registry images, Secret Manager entries, and CI/CD runners. The workflow skill explicitly requires clarifying goals and writing a spec before scaffolding a new project; skipping that step can create wrong infrastructure or unsafe agent behavior. Evaluation guidance may invoke LLM-as-judge, synthetic datasets, and prompt optimization; treat cost, data exposure, and nondeterminism as production concerns. Do not run deploy, publish, infrastructure, datastore, or CI/CD commands without explicit human approval and a known Google Cloud target. |
| Privacy notes | ✓Azure work can expose subscription IDs, tenant IDs, resource group names, resource inventories, cost data, log queries, Application Insights telemetry, storage paths, RBAC assignments, model deployment names, and cloud architecture details. Authenticated MCP tools can read or operate on live Azure and Foundry resources according to the local account's permissions. Keep Azure credentials, service principals, connection strings, keys, SAS tokens, deployment outputs, logs with customer data, and private topology details out of prompts, commits, issue comments, screenshots, and shared reports. Review Microsoft, MCP host, model provider, and organization retention policies before routing production telemetry, cost data, or customer-sensitive resource context through an agent. | ✓Azure subscription IDs, tenant IDs, resource names, logs, traces, SDK error output, repository code, architecture notes, and Foundry project details can enter prompts or tool output. Do not paste service principals, access tokens, connection strings, Key Vault secrets, managed identity credentials, or customer data into public issues, screenshots, or committed configs. Microsoft Docs MCP, Context7, GitHub, browser, or other MCP integrations may send query text and project context to external services depending on local configuration. | ✓.NET repositories may contain connection strings, appsettings secrets, user secrets, certificates, environment variables, telemetry keys, logs, traces, dumps, package credentials, and production data. MSBuild binlogs, crash dumps, profiler output, and test artifacts can contain source paths, dependency graphs, request data, exception payloads, configuration values, and environment details. MCP servers created with these skills may forward prompts and tool inputs to local processes, HTTP services, databases, cloud APIs, or third-party model providers depending on the implementation. Keep private NuGet credentials, signing keys, deployment secrets, customer data, dumps, and proprietary source out of public prompts, issues, pull requests, and shared artifacts. | ✓Agents CLI projects can contain Google Cloud credentials, AI Studio keys, Secret Manager names, service account emails, project IDs, regions, Terraform state, eval traces, prompts, tool outputs, logs, traces, user data, embeddings, and datastore contents. Eval artifacts and observability exports can include full prompts, tool calls, responses, failure rationales, trace IDs, and private application data. Publishing to Gemini Enterprise, deploying to Agent Runtime, Cloud Run, or GKE, and enabling analytics can move agent traffic into Google Cloud services subject to separate terms and access controls. Keep project IDs, credentials, Terraform state, traces, eval datasets, user data, private prompts, and secret names out of public issues, PRs, examples, and screenshots. |
| Prerequisites |
|
|
|
|
| Install | | | | |
| Config | — | — | — | — |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Featured in
Signals
Loading live community signals…
More like this, weekly
A short, calm digest of reviewed Claude resources. Unsubscribe any time.