Analysis updated 2026-05-18
Get product-specific Microsoft Defender or Sentinel guidance instead of generic security advice.
Design a Conditional Access policy baseline for an organization's Entra ID tenant.
Build a Purview DLP policy to protect sensitive data in Microsoft 365.
Review an Intune device compliance policy for security gaps.
| vinayaklatthe/microsoft-security-skills | energypantry/agent-browser-runtime | zhouyoukang1234-spec/windsurf-assistant | |
|---|---|---|---|
| Stars | 88 | 86 | 85 |
| Language | JavaScript | JavaScript | JavaScript |
| Setup difficulty | easy | hard | hard |
| Complexity | 2/5 | 4/5 | 4/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Installing per-tool via the skills CLI or all-at-once via the APM package manager requires Git and Node.js 18+.
This repository is a plugin that gives AI coding assistants specialized knowledge about Microsoft security products. Without it, an AI agent will give generic security advice when you ask about things like Defender, Sentinel, or Entra ID. With it installed, the agent knows the specific workflows, decision trees, and guardrails for each product area, drawn from public Microsoft documentation. The plugin contains 58 skills, each covering a distinct area of the Microsoft security portfolio. The coverage spans several domains: threat protection tools like Defender XDR, Defender for Endpoint, and Microsoft Sentinel, identity and access controls like Entra ID, Conditional Access, and Privileged Identity Management, compliance and data protection tools like Purview DLP and eDiscovery, endpoint management through Intune, cloud security tools across Azure, and a growing set of skills for AI and agent security, including how to control what Microsoft Copilot can access in your organization. The plugin works across multiple AI tools in one install. You can use it with GitHub Copilot in VS Code, Claude Code, Cursor, Codex CLI, and Gemini CLI. One install command handles all of them at once if you use the APM package manager, or you can install per-tool with a few commands using the skills CLI. The skills were built around a specific problem: security work is mostly a decision problem, not just a configuration task. Knowing which control applies, what order to enable things in, and what to validate before a policy goes live matters as much as knowing the feature exists. Each skill includes guardrails to prevent common mistakes, not just instructions on how to use the product. The README notes that the skills have been tested against two AI models to measure the improvement they provide over asking an unaided model the same questions. All content is grounded in publicly available Microsoft Learn documentation. No proprietary methodology or customer data is included. The project is released under the MIT license.
A plugin of 58 skill files that teaches AI coding agents how to give accurate, product-specific guidance on Microsoft security tools.
Mainly JavaScript. The stack also includes JavaScript, Markdown, APM.
MIT license: use freely for any purpose, including commercial use, as long as you keep the copyright notice.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.