---
name: Entra Agent ID Audit
description: Inventories every Microsoft Entra Agent ID, flags orphaned and risk-elevated agents, and reports Conditional Access posture per agent, aligned to Essential Eight.
---

# Entra Agent ID Audit

> **TL;DR:** This skill inventories every agent holding a Microsoft Entra Agent ID, surfaces orphaned or risky agents, and reports each agent's Conditional Access posture so an admin can close the gaps.

## What does the Entra Agent ID audit inventory?

The skill enumerates all agents holding a Microsoft Entra Agent ID across the tenant via Microsoft Graph, identifies orphaned, unowned or risk-elevated agents, and reports each agent's Conditional Access posture so an Entra admin can act. As Agentic AI proliferates, every non-human identity created by Copilot Studio and Microsoft Agent 365 carries scopes and access that need governing like any privileged account. This audit captures ownership, last sign-in, parent application, data tier and assigned Conditional Access policies, then ranks composite risk so the agents that combine an orphaned owner, elevated scopes and no Conditional Access rise to the top.

## When should you run this skill?

- "Audit Entra Agent IDs"
- "Review AI agents in Entra"
- "Inventory autonomous agents in our tenant"
- "Which agents have no Conditional Access policy applied?"

## How this skill works, step by step

1. Enumerate every Entra Agent ID in the tenant via Microsoft Graph.
2. For each agent capture: agent display name, owner, creation date, last sign-in, parent application, data tier, and assigned Conditional Access policies.
3. Flag orphaned agents (no owner, or owner is a disabled account).
4. Flag agents with no Conditional Access policy targeting them.
5. Flag agents with elevated scopes (directory write, mail.send, files.readwrite.all).
6. Rank by composite risk: orphan + elevated scope + no CA policy = High.
7. Produce the register table below.

## Output format

| Agent Name | Agent ID | Owner | Last Sign-in | Parent App | Scopes | CA Policies | Risk |
| --- | --- | --- | --- | --- | --- | --- | --- |

Followed by a summary:

- Total agents: N
- Orphaned: N
- No CA policy: N
- High risk: N (requires immediate review)
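The seven steps above and the register format, as an added worked example that is not part of the skill file or of any Microsoft tooling: a Python script that applies steps 3 to 7 to a set of constructed agent records and renders the register table and summary. It does not call Microsoft Graph; the `Agent` fields, the `USERS` and `AGENTS` sample data, the reading of "directory write" as `Directory.ReadWrite.All`, and the Medium/Low/None tiers beneath High are all assumptions made for this example.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Scopes step 5 calls elevated; "directory write" is read here as
# Directory.ReadWrite.All (assumption). Compared case-insensitively.
ELEVATED_SCOPES = {"directory.readwrite.all", "mail.send", "files.readwrite.all"}
# Step 6 only defines High (all three flags set); the lower tiers are an assumption.
RISK_BY_FLAG_COUNT = {3: "High", 2: "Medium", 1: "Low", 0: "None"}
RISK_ORDER = {"High": 0, "Medium": 1, "Low": 2, "None": 3}
COLUMNS = ["Agent Name", "Agent ID", "Owner", "Last Sign-in",
           "Parent App", "Scopes", "CA Policies", "Risk"]


@dataclass
class Agent:
    """One Entra Agent ID record; field names are this example's, not Graph's."""
    display_name: str
    agent_id: str
    owner_id: str | None           # owning user's object id, None if unowned
    last_sign_in: str | None       # ISO date, None if the agent has never signed in
    parent_app: str
    scopes: list[str]
    ca_policy_ids: list[str] = field(default_factory=list)  # CA policies targeting it


# Constructed sample directory (not real tenant data): owner id -> account state.
USERS = {
    "u-alice": {"displayName": "Alice Chen", "accountEnabled": True},
    "u-bob": {"displayName": "Bob Reilly", "accountEnabled": False},  # offboarded
}

# Constructed sample agents covering the combinations the skill flags.
AGENTS = [
    Agent("Expense Bot", "agt-0001", "u-alice", "2026-05-20", "Copilot Studio",
          ["Mail.Read"], ["ca-agents-baseline"]),
    Agent("Ledger Sync", "agt-0002", "u-bob", "2026-02-03", "Agent 365",
          ["Directory.ReadWrite.All", "User.Read"]),
    Agent("Helpdesk Agent", "agt-0003", None, None, "Copilot Studio",
          ["User.Read"], ["ca-agents-baseline"]),
    Agent("Mail Dispatcher", "agt-0004", "u-alice", "2026-05-28", "Agent 365",
          ["Mail.Send"]),
]


def is_orphaned(agent: Agent, users: dict) -> bool:
    """Step 3: no owner, or the owner's account is disabled or no longer exists."""
    if agent.owner_id is None:
        return True
    owner = users.get(agent.owner_id)
    return owner is None or not owner["accountEnabled"]

def lacks_ca_policy(agent: Agent) -> bool:
    """Step 4: no Conditional Access policy targets the agent."""
    return not agent.ca_policy_ids

def has_elevated_scope(agent: Agent) -> bool:
    """Step 5: at least one granted scope is in the elevated set."""
    return any(s.lower() in ELEVATED_SCOPES for s in agent.scopes)

def risk_level(agent: Agent, users: dict) -> str:
    """Step 6: orphan + elevated scope + no CA policy = High."""
    flags = (is_orphaned(agent, users), has_elevated_scope(agent), lacks_ca_policy(agent))
    return RISK_BY_FLAG_COUNT[sum(flags)]

def owner_label(agent: Agent, users: dict) -> str:
    # Owner column text; disabled or missing owners are marked so orphans are visible.
    if agent.owner_id is None:
        return "(none)"
    owner = users.get(agent.owner_id)
    if owner is None:
        return f"{agent.owner_id} (deleted)"
    return owner["displayName"] + ("" if owner["accountEnabled"] else " (disabled)")

def build_register(agents: list[Agent], users: dict) -> list[dict]:
    """Step 7: one row per agent in the skill's column order, highest risk first."""
    rows = [{
        "Agent Name": a.display_name, "Agent ID": a.agent_id,
        "Owner": owner_label(a, users), "Last Sign-in": a.last_sign_in or "never",
        "Parent App": a.parent_app, "Scopes": ", ".join(a.scopes),
        "CA Policies": ", ".join(a.ca_policy_ids) or "(none)",
        "Risk": risk_level(a, users),
    } for a in agents]
    rows.sort(key=lambda r: (RISK_ORDER[r["Risk"]], r["Agent Name"]))
    return rows

def render_table(rows: list[dict]) -> str:
    """Markdown register table using the header row the skill specifies."""
    lines = ["| " + " | ".join(COLUMNS) + " |", "|" + " --- |" * len(COLUMNS)]
    lines += ["| " + " | ".join(r[c] for c in COLUMNS) + " |" for r in rows]
    return "\n".join(lines)

def summarise(agents: list[Agent], users: dict) -> dict:
    """The summary counts that follow the table."""
    return {"total": len(agents),
            "orphaned": sum(is_orphaned(a, users) for a in agents),
            "no_ca_policy": sum(lacks_ca_policy(a) for a in agents),
            "high_risk": sum(risk_level(a, users) == "High" for a in agents)}


if __name__ == "__main__":  # prints the register and summary for the sample tenant
    print(render_table(build_register(AGENTS, USERS)), summarise(AGENTS, USERS), sep="\n")
```

Run as a script it prints the four sample agents with `Ledger Sync` on top (disabled owner, `Directory.ReadWrite.All`, no CA policy) and a summary of 4 agents, 2 orphaned, 2 without a CA policy and 1 High. To use it against a real tenant, the `AGENTS` and `USERS` lists would be populated from the Graph reads the skill's permissions section lists; the ranking logic itself does not change.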

## Scope and safety

Read-only by default; the skill never disables or modifies agents. This skill does NOT:

- Disable or modify agents (read-only).
- Create Conditional Access policies (pair with Conditional Access for Agents).
- Audit agent prompt content or runtime decisions.

## Licensing and permissions

### Licences and add-ons

| Capability used | Minimum licence |
| --- | --- |
| Microsoft Entra Agent ID governance (agents created by Copilot Studio and Microsoft Agent 365) | Microsoft Entra ID P1 |
| Conditional Access posture per agent | Microsoft Entra ID P1 |

### Least-privilege roles

- Global Reader (read-only inventory of agents and their owners)
- Security Reader (read-only review of Conditional Access posture)

### Microsoft Graph permissions (read-only)

- `Directory.Read.All` reads agent identities, owners and account state
- `Application.Read.All` reads the parent application and assigned scopes for each agent
- `AuditLog.Read.All` reads last sign-in activity used to flag orphaned or inactive agents
- `Policy.Read.All` reads Conditional Access policies to determine each agent's posture

## Sources and compliance

- Aligned to ASD Essential Eight Control 5: Restrict Administrative Privileges.
- Supports E8 ML2 evidence for Control 5 (administrative privilege restriction extended to non-human identities).
- Microsoft Entra Agent ID reached GA on 2026-05-01.
- Reference: [https://learn.microsoft.com/en-us/entra/identity/conditional-access/agent-id](https://learn.microsoft.com/en-us/entra/identity/conditional-access/agent-id)
- Pair with Microsoft Agent 365 licensing reporting for cost attribution.
- Output in Australian English.
## How to use this skill

1. Get the file. Download or copy the SKILL.md from the panel above.
2. Load it into your host:
   - Microsoft 365 Copilot / Copilot Studio: add it as the instructions of a declarative agent or Copilot Studio agent.
   - Claude (Cowork / Claude Code): drop the file into your skills folder; it loads as an Agent Skill automatically.
   - Any chat host: paste the file contents as your prompt.
3. Grant read-only access. Assign the least-privilege roles and Microsoft Graph scopes listed in the skill file's Licensing and permissions section.
4. Provide your tenant scope and run it (a site, a collection, or the whole tenant).
5. Review the report and action the risk-ranked recommendations.

This skill is read-only by default: it inspects and reports, and never changes your tenant.

Licensed under CC BY 4.0 by Educ4te. Adapted from the open HybridSP skills catalogue.