Microsoft Security Copilot skillset
Ask Microsoft Security Copilot about your identity posture and get answers grounded in Permafrost's analysis — open findings by severity, a principal's Unified Principal Risk, the highest-risk and Tier-0 identities, and the tenant posture rollup. The skillset is read-only and scoped to the tenant your API key belongs to.
What the skillset gives your analyst
Security Copilot is Microsoft’s analyst assistant. A skillset is a plugin that teaches Copilot new skills, described by an OpenAPI document. The Permafrost skillset lets an analyst ask Copilot about identity posture mid-investigation — “what are the critical findings for this tenant?”, “which identities carry the highest Unified Principal Risk?” — and Copilot answers from Permafrost’s live analysis instead of a static report.
The skillset is read-only. It is backed by the same public REST API at /api/v1/* the rest of your automation uses, exposing a curated subset of read operations. Write actions — remediation, role changes — are never part of the skillset. The analyst reasons with Copilot; the human acts in the dashboard.
Available skills
The skillset exposes six read-only skills. Each maps 1:1 to a live /api/v1 operation, so what Copilot can read is exactly what a scoped key can read — no parallel data path.
- listFindings: Query analyzer findings by severity, finding type, and status across all of this customer's connected tenants.
- getFinding: Full detail for one finding, including the recommendation and remediation context.
- listUprPrincipals: Per-principal Unified Principal Risk (UPR) with the explainability waterfall, highest-risk first — the surface for 'which identities are riskiest' and Tier-0 questions.
- getUprRollup: The blast-radius-weighted UPR rollup, the tenant posture summary across all of this customer's connected tenants.
- listRecommendedRoles: Least-privilege role recommendations with the target identity for over-permissioned assignments.
- listTenants: The connected Microsoft tenants — the taxonomy every other skill filters by.
Setting it up
The skillset is described by two public artifacts:
- The plugin manifest: https://app.permafrostepm.com/api/v1/security-copilot/manifest.json (the YAML form is published in the Permafrost repository under integrations/security-copilot/).
- The OpenAPI document the skills are described by: https://app.permafrostepm.com/api/v1/security-copilot/openapi.json
To add it, upload the plugin manifest in the Security Copilot plugin-management surface. Then supply a Permafrost API key when prompted. Issue one from Settings → API keys with the read scopes the skillset needs:
read:findings # listFindings, getFinding
read:upr # getUprRollup, listUprPrincipals
read:roles # listRecommendedRoles
read:identities # listTenants

The key is sent as Authorization: Bearer pfrost_… on every skill call — the same bearer path the REST API and the MCP server already use.
The read-only guarantee
The curated OpenAPI document contains GET operations only. There is no path in the skillset that mutates anything — no remediation, no role change, no webhook management. Even if you issue the API key with broader scopes, the skillset surface itself exposes no write operation. A drift tripwire in the test suite fails the build if a non-read operation ever leaks into the curated set.
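What such a drift tripwire looks like, as an added example rather than Permafrost's own test suite: it walks the curated OpenAPI document, fails on any non-GET operation or any operationId outside the six published skills, and derives the read scopes a key needs from the setup section's mapping. The concrete paths and the leaked remediate endpoint are constructed samples, not the real document.

```python
"""Drift tripwire for a curated read-only skillset document (added example).

Every operation must be a GET, every operationId must be one of the six
published skills, and no skill may go missing. Sample paths are constructed.
"""

# The six skills and the read scope each needs, as listed in the setup section.
SKILL_SCOPES = {
    "listFindings": "read:findings", "getFinding": "read:findings",
    "listUprPrincipals": "read:upr", "getUprRollup": "read:upr",
    "listRecommendedRoles": "read:roles", "listTenants": "read:identities",
}
PATH_LEVEL_KEYS = {"parameters", "servers", "summary", "description"}  # not operations


def check_read_only(spec: dict) -> list:
    """Return violations found in spec['paths']; an empty list means the set is clean."""
    violations, seen = [], set()
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method in PATH_LEVEL_KEYS:
                continue
            op_id = op.get("operationId", "<missing>")
            if method.lower() != "get":
                violations.append(f"{method.upper()} {path} ({op_id}): non-read operation")
            if op_id not in SKILL_SCOPES:
                violations.append(f"{path}: {op_id!r} is not a published skill")
            seen.add(op_id)
    for missing in sorted(set(SKILL_SCOPES) - seen):
        violations.append(f"skill {missing} is missing from the curated document")
    return violations


def required_scopes(spec: dict) -> list:
    """Sorted read scopes an API key needs for the skills present in spec."""
    ids = {op.get("operationId") for item in spec.get("paths", {}).values()
           for m, op in item.items() if m not in PATH_LEVEL_KEYS}
    return sorted({SKILL_SCOPES[i] for i in ids if i in SKILL_SCOPES})


def build_spec(ops) -> dict:
    """Build a minimal OpenAPI document from (method, path, operationId) triples."""
    paths = {}
    for method, path, op_id in ops:
        paths.setdefault(path, {})[method] = {"operationId": op_id}
    return {"openapi": "3.0.3", "paths": paths}


# Constructed sample: a clean curated set, then the same set with a leaked write path.
CLEAN_OPS = [("get", "/api/v1/findings", "listFindings"), ("get", "/api/v1/findings/{id}", "getFinding"),
             ("get", "/api/v1/upr/principals", "listUprPrincipals"), ("get", "/api/v1/upr/rollup", "getUprRollup"),
             ("get", "/api/v1/roles/recommended", "listRecommendedRoles"), ("get", "/api/v1/tenants", "listTenants")]
DRIFTED_OPS = CLEAN_OPS + [("post", "/api/v1/findings/{id}/remediate", "remediateFinding")]
```

Run check_read_only against the fetched openapi.json in CI and fail the build on a non-empty list; the drifted sample yields two violations, one for the method and one for the unknown operationId.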
Tenant isolation
Every skill call is scoped to the customer that issued the API key, enforced at the database query layer — not as a post-filter. A key issued by one customer can never read another customer’s data. Copilot runs on Microsoft’s side; Permafrost sees only the authenticated read calls, each carrying the scoped key.
