doc: add design spec for azd ai skill commands#8204
Conversation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
huimiu
requested review from
JeffreyCA,
hemarina,
jongio,
rajeshkamal5050,
tg-msft,
vhvb1989,
wbreza and
weikanglim
as code owners
📋 Prioritization NoteThanks for the contribution! The linked issue isn't in the current milestone yet. |
There was a problem hiding this comment.
Pull request overview
Adds a new design spec for azd ai agent skill commands in the Azure AI Agents extension, defining the intended CRUD/download CLI surface, endpoint resolution, output contracts, testing plan, telemetry, and security considerations.
Changes:
- Documents
create,update,show,list,download, anddeletecommand behavior. - Defines file handling, archive extraction safeguards, JSON output contracts, and telemetry expectations.
- Describes placement under the existing
azure.ai.agentsextension and a newskill_apipackage.
- Restrict the documented telemetry modes on `azd ai agent skill update` to `inline` / `file-md`. The previous "as above" wording implicitly included `file-gzip`, but section 6.2 rejects gzip on update, so the command can never emit that value. - Replace the inaccurate "debug logger sanitizes request bodies (same as agent_api)" line under Security Considerations. The Azure SDK pipeline used by agent_api sets `IncludeBody: true` under `--debug`, and the current `setupDebugLogging` sanitizer only redacts JSON connection-string fields. Document that this work extends the sanitizer to cover skill `description` / `instructions` before the skill client participates in body logging, and opts out of `IncludeBody` until that lands. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
therealjohn
left a comment
therealjohn
left a comment
There was a problem hiding this comment.
Left two comments just clarify that it should be in a separate extension which impacts the skill name in the spec.
jongio
left a comment
jongio
left a comment
There was a problem hiding this comment.
Left a question on the name validation regex - the fallback pattern in 6.7 diverges from the existing agent name regex in a few ways.
Reviewer feedback on #8204: - therealjohn: skill commands will ship in a new, standalone `azure.ai.skills` extension (namespace `ai.skill`) rather than the existing `azure.ai.agents` extension. Rename every command from `azd ai agent skill <verb>` to `azd ai skill <verb>` across §1, §3, §6.1–§6.6, §10, and §12. Update file paths to `cli/azd/extensions/azure.ai.skills/...` and move the typed client to the new extension's `internal/pkg/skill_api/`. Telemetry event names change to `azd.ai.skill.*`; debug log file becomes `azd-ai-skills-<date>.log`. - jongio: align the fallback skill-name regex with the existing agent name pattern in `azure.ai.agents/internal/pkg/agents/agent_yaml`: `^[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\$` (1–63 chars, alphanumeric with internal hyphens only). The previous fallback was labeled "conservative" but actually allowed underscores, required a leading letter, and permitted trailing special chars; aligning gives users one rule across resource kinds. Connected updates: - §4 endpoint cascade: prefer `extensions.ai-skills.project.context.endpoint` with fallback to `extensions.ai-agents.project.context.endpoint` so users who configured the endpoint via the agents extension are not forced to re-run `set`. - §5 / §9: drop the "sibling of agent_api" framing; the new client lives inside `azure.ai.skills`. Reaffirm that `AgentCardSkill` in `azure.ai.agents` is in a different module with no symbol conflict. - §11 Argument echoing: rewrite to describe `skill_api`'s own logging posture (opt out of `IncludeBody` until the sanitizer covers skill `description` / `instructions`) without depending on `agent_api`'s behavior. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
huimiu
changed the title
azd ai agent skill commandsazd ai skill commands
|
Thanks for the reviews! Pushed new commit: @therealjohn: moved skill commands into a new standalone azure.ai.skills extension (namespace ai.skill). All commands renamed from azd ai agent skill to azd ai skill, with matching updates to file paths, telemetry event names (azd.ai.skill.*), and the debug log name. @jongio: aligned the fallback name regex with the existing agent name pattern: |
jongio
left a comment
jongio
left a comment
There was a problem hiding this comment.
Addresses my previous feedback on the name validation regex, now aligned with the agent name pattern in agent_yaml/parse.go. The config fallback to extensions.ai-agents.project.context.endpoint is a nice backward-compat touch. Looks good to me. Let's get a sign-off from @JeffreyCA or @vhvb1989 to unblock.
The live Foundry Skills service implements POST /skills:import and
GET /skills/{name}:download with application/zip, not application/gzip
as the upstream TypeSpec declares. Verified via 415 Unsupported Media
Type on gzip uploads. Public docs confirm:
https://learn.microsoft.com/azure/foundry/agents/how-to/tools/skills
Changes:
- skill_api: replace archive/tar+compress/gzip with archive/zip
- skill_api: Download now returns []byte (archive/zip needs io.ReaderAt)
- skill_api: rename ContentTypeGzip -> ContentTypeZip, ErrInvalidGzip ->
ErrInvalidZip
- cmd: accept '.zip' for --file; reject '.tar.gz'/'.tgz'
- cmd: writeRaw now writes '<name>.zip'
- tests: rewrite archive_test.go and archive_peek_test.go for ZIP
- docs (AGENTS.md, README.md, CHANGELOG.md): s/gzip,tar.gz/zip/g
The design spec (PR #8204) will need a follow-up to match.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Summary
Adds the design spec for the Foundry Skill commands that ship in the
azure.ai.agentsextension (cli/azd/docs/design/ai-skill-design-spec.md). Theskillsubtree provides full CRUD plusdownloadon Foundry Skills, so a developer can create a skill from inline flags or aSKILL.md/*.tar.gzfile and round-trip it back out as a folder on disk, all without standing up a Foundry SDK harness.Related issues:
azd ai skill create/update/show/list/download/deleteto manage Foundry Skills from any directory #8142Key points
azure.ai.agentsextension. Today the commands surface asazd ai agent skill …; the layout is designed so a future move to a standaloneazd ai skillextension is registration-only with no behavior diff. Noregistry.jsonimpact and no new persistent state.create,update,show,list,download,delete.createhas three mutually exclusive input modes (inline--description+--instructions,--file SKILL.md, or--file *.tar.gz);downloadextracts the server gzip into./.agents/skills/<name>/by default, with--rawto keep the archive and--forceto overwrite;deleteconfirms by default with--forceto skip.-p,--output,--no-prompt,--debug), matchingconnection,toolbox, androutine, and works standalone outside an azd project.createfails on a name collision (or replaces with--forcevia delete-then-create).updateis GET + local merge + POST that preserves untouched fields;--filerules onupdatefollow the same modes ascreate, with packaged gzip update gated on the single open question below.internal/pkg/agents/skill_api/(sibling ofagent_api, no overload), so error shapes, headers, and pagination stay consistent with the rest of the AI surface.downloadanddeleteare part of the public contract; resource verbs are passthrough.exterrorscodes (CodeInvalidSkillName,CodeInvalidSkillFile,CodeSkillArchiveUnsafe,CodeSkillOutputCollision) plug into the existingexterrors.Validationfactory; one telemetry event per verb, with no skill names, descriptions, file paths, or endpoint values emitted.