ReddRadar
Agent skill
microsoft-foundry
Deploy, evaluate, and manage Foundry agents end-to-end: Docker build, ACR push, hosted/prompt agent create, container start, batch eval, prompt optimization, agent.yaml, dataset curation from traces. USE FOR: deploy agent to Foundry, hosted agent, create agent, invoke agent, evaluate agent, run batch eval, optimize prompt, deploy model, Foundry project, RBAC, role assignment, permissions, quota, capacity, region, troubleshoot agent, deployment failure, create dataset from traces, dataset versioning, eval trending, create AI Services, Cognitive Services, create Foundry resource, provision resource, knowledge index, agent monitoring, customize deployment, onboard, availability, standard agent setup, capability host. DO NOT USE FOR: Azure Functions, App Service, general Azure deploy (use azure-deploy), general Azure prep (use azure-prepare).
Install this agent skill to your Project
npx add-skill https://github.com/autohandai/community-skills/tree/main/microsoft-foundry-ms
Metadata
Additional technical details for this skill
- author
- Microsoft
- version
- 1.0.3
SKILL.md
Microsoft Foundry Skill
MANDATORY: Read this skill and the relevant sub-skill BEFORE calling any Foundry MCP tool.
Sub-Skills
| Sub-Skill | When to Use | Reference |
|---|---|---|
| deploy | Containerize, build, push to ACR, create/update/start/stop/clone agent deployments | deploy |
| invoke | Send messages to an agent, single or multi-turn conversations | invoke |
| observe | Eval-driven optimization loop: evaluate → analyze → optimize → compare → iterate | observe |
| trace | Query traces, analyze latency/failures, correlate eval results to specific responses via App Insights customEvents |
trace |
| troubleshoot | View container logs, query telemetry, diagnose failures | troubleshoot |
| create | Create new hosted agent applications. Supports Microsoft Agent Framework, LangGraph, or custom frameworks in Python or C#. Downloads starter samples from foundry-samples repo. | create |
| eval-datasets | Harvest production traces into evaluation datasets, manage dataset versions and splits, track evaluation metrics over time, detect regressions, and maintain full lineage from trace to deployment. Use for: create dataset from traces, dataset versioning, evaluation trending, regression detection, dataset comparison, eval lineage. | eval-datasets |
| project/create | Creating a new Azure AI Foundry project for hosting agents and models. Use when onboarding to Foundry or setting up new infrastructure. | project/create/create-foundry-project.md |
| resource/create | Creating Azure AI Services multi-service resource (Foundry resource) using Azure CLI. Use when manually provisioning AI Services resources with granular control. | resource/create/create-foundry-resource.md |
| models/deploy-model | Unified model deployment with intelligent routing. Handles quick preset deployments, fully customized deployments (version/SKU/capacity/RAI), and capacity discovery across regions. Routes to sub-skills: preset (quick deploy), customize (full control), capacity (find availability). |
models/deploy-model/SKILL.md |
| quota | Managing quotas and capacity for Microsoft Foundry resources. Use when checking quota usage, troubleshooting deployment failures due to insufficient quota, requesting quota increases, or planning capacity. | quota/quota.md |
| rbac | Managing RBAC permissions, role assignments, managed identities, and service principals for Microsoft Foundry resources. Use for access control, auditing permissions, and CI/CD setup. | rbac/rbac.md |
Onboarding flow: project/create → deploy → invoke
Agent Lifecycle
| Intent | Workflow |
|---|---|
| New agent from scratch | create → deploy → invoke |
| Deploy existing code | deploy → invoke |
| Test/chat with agent | invoke |
| Troubleshoot | invoke → troubleshoot |
| Fix + redeploy | troubleshoot → fix → deploy → invoke |
Project Context Resolution
Resolve only missing values. Extract from user message first, then azd, then ask.
- Check for
azure.yaml; if found, runazd env get-values - Map azd variables:
| azd Variable | Resolves To |
|---|---|
AZURE_AI_PROJECT_ENDPOINT / AZURE_AIPROJECT_ENDPOINT |
Project endpoint |
AZURE_CONTAINER_REGISTRY_NAME / AZURE_CONTAINER_REGISTRY_ENDPOINT |
ACR registry |
AZURE_SUBSCRIPTION_ID |
Subscription |
- Ask user only for unresolved values (project endpoint, agent name)
Validation
After each workflow step, validate before proceeding:
- Run the operation
- Check output for errors or unexpected results
- If failed → diagnose using troubleshoot sub-skill → fix → retry
- Only proceed to next step when validation passes
Agent Types
| Type | Kind | Description |
|---|---|---|
| Prompt | "prompt" |
LLM-based, backed by model deployment |
| Hosted | "hosted" |
Container-based, running custom code |
Agent: Setup Types
| Setup | Capability Host | Description |
|---|---|---|
| Basic | None | Default. All resources Microsoft-managed. |
| Standard | Azure AI Services | Bring-your-own storage and search (public network). See standard-agent-setup. |
| Standard + Private Network | Azure AI Services | Standard setup with VNet isolation and private endpoints. See private-network-standard-agent-setup. |
MANDATORY: For standard setup, read the appropriate reference before proceeding:
- Public network: references/standard-agent-setup.md
- Private network (VNet isolation): references/private-network-standard-agent-setup.md
Tool Usage Conventions
- Use the
ask_useroraskQuestionstool whenever collecting information from the user - Use the
taskorrunSubagenttool to delegate long-running or independent sub-tasks (e.g., env var scanning, status polling, Dockerfile generation) - Prefer Azure MCP tools over direct CLI commands when available
- Reference official Microsoft documentation URLs instead of embedding CLI command syntax
References
- Hosted Agents
- Runtime Components
- Foundry Samples
- Python SDK
Dependencies
Scripts in sub-skills require: Azure CLI (az) ≥2.0, jq (for shell scripts). Install via pip install azure-ai-projects azure-identity for Python SDK usage.
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
autohandai/community-skills
mapping-mitre-attack-techniques
Maps observed adversary behaviors, security alerts, and detection rules to MITRE ATT&CK techniques and sub-techniques to quantify detection coverage and guide control prioritization. Use when building an ATT&CK-based coverage heatmap, tagging SIEM alerts with technique IDs, aligning security controls to adversary playbooks, or reporting threat exposure to executives. Activates for requests involving ATT&CK Navigator, Sigma rules, MITRE D3FEND, or coverage gap analysis.
autohandai/community-skills
hunting-for-spearphishing-indicators
Hunt for spearphishing campaign indicators across email logs, endpoint telemetry, and network data to detect targeted email attacks.
autohandai/community-skills
analyzing-malicious-url-with-urlscan
URLScan.io is a free service for scanning and analyzing suspicious URLs. It captures screenshots, DOM content, HTTP transactions, JavaScript behavior, and network connections of web pages in an isolat
autohandai/community-skills
implementing-zero-standing-privilege-with-cyberark
Deploy CyberArk Secure Cloud Access to eliminate standing privileges in hybrid and multi-cloud environments using just-in-time access with time, entitlement, and approval controls.
autohandai/community-skills
implementing-pam-for-database-access
Deploy privileged access management for database systems including Oracle, SQL Server, PostgreSQL, and MySQL. Covers session proxy configuration, credential vaulting, query auditing, dynamic credentia
autohandai/community-skills
detecting-t1003-credential-dumping-with-edr
Detect OS credential dumping techniques targeting LSASS memory, SAM database, NTDS.dit, and cached credentials using EDR telemetry, Sysmon process access monitoring, and Windows security event correlation.
Didn't find tool you were looking for?