From d09e0e9e0ddf637fd0297e29cc81cd728c36c062 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 10:21:13 +0200 Subject: [PATCH 001/309] chore(gitignore): add session/local-state baseline (polyrepo split) --- .gitignore | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.gitignore b/.gitignore index b66d25a..60c05d9 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,15 @@ org/ scripts/kb-update/data/ .kb-backup/ .rollback-in-progress + +# --- session/local state (gitignored per ~/.claude polyrepo-konvensjon) --- +STATE.md +REMEMBER.md +ROADMAP.md +TODO.md +NEXT-SESSION-PROMPT*.local.md +*.local.md +*.local.json +*.local.sh +.DS_Store +.claude/ From 3c2dd9ab4a981226bba2817267b8e49779a6538d Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 12:00:34 +0200 Subject: [PATCH 002/309] docs(ms-ai-architect): devil's-advocate-audit (10 dim, 89 verifiserte funn) Komplett dekning- + ferskhetsgjennomgang for norske Azure AI/Foundry-arkitekter. Kilder verifisert mot Microsoft Learn + web 2026-06-18. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- docs/devils-advocate-audit-2026-06-18.md | 185 +++++++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 docs/devils-advocate-audit-2026-06-18.md diff --git a/docs/devils-advocate-audit-2026-06-18.md b/docs/devils-advocate-audit-2026-06-18.md new file mode 100644 index 0000000..c0ae7c2 --- /dev/null +++ b/docs/devils-advocate-audit-2026-06-18.md @@ -0,0 +1,185 @@ +# Forbedringsrapport: ms-ai-architect v1.15.0 + +**Dato:** 2026-06-18 +**Forfatter:** Lead architect-advisor (verifisert mot offisielle kilder per audit-dato) +**Målgruppe:** AI-rådgiver i norsk offentlig sektor, samt private Azure AI/Foundry-arkitekter +**Grunnlag:** Devil's-advocate-audit over 10 dimensjoner. Kun funn med `confirmed=true` og `finalSeverity != rejected` er tatt med. Fire funn ble forkastet ved uavhengig verifisering (runtime-grounding, embedding-katalog, query-time RBAC, deler av suveren-sky-funnet) og er utelatt. + +--- + +## 1. Sammendrag + +Pluginens implisitte løfte — «alt en norsk Azure AI/Foundry-arkitekt trenger» — holder **ikke fullt ut per juni 2026**. Den er sterk som lærings- og referansestillas, men har materielle ferskhets- og rutingfeil i akkurat de lagene en arkitekt bruker daglig til beslutninger som deles med ledelse, jurist eller tilsyn. + +**Hvor den er sterk (verifisert):** +- **ROS-motoren** er den mest modne delen: 49-trussels bibliotek mappet til OWASP LLM Top 10 (2025) og MITRE ATLAS, deterministiske 7x5-rubrikker, NS 5814/ISO 31000-metodikk, MAESTRO 7-lags multiagentmodell. NS 5814:2021 er korrekt gjeldende. +- **Sikkerhetsscoring (6x5)** er beslutningsgrad: deterministiske sjekkpunkter, MCSB v2-mapping, vektet scoring, gjennomarbeidede referansecase. +- **ms-ai-engineering-KB** er innholdsmessig den dypeste dimensjonen (RAG, evaluering, GenAIOps). Runtime-grounding (Content Safety groundedness detection med correction-modus) og query-time RBAC (`x-ms-query-source-authorization`) **finnes faktisk** og er kurante — to opprinnelige funn ble forkastet her. +- **Den regulatoriske utrednings-spinen** (`/architect:utredning`, 7-fase Cosmo-flyt) er reell og komplett for utredningsinstruksen-arbeid. + +**Hvor den brister (verifisert):** +1. **EU AI Act-tidslinjen er feil i hele pluginen.** Ingen fil reflekterer Digital Omnibus (provisorisk enighet 6.–7. mai 2026), som utsetter Annex III-høyrisiko fra 2. aug 2026 til **2. desember 2027**. Pluginen forteller en norsk deployer at de har ~2 måneder når de i realiteten har ~18. Dette er den enkeltfaktoren som driver hver eneste frist, handlingsplan og roadmap pluginen produserer. +2. **Kostnadslaget kan ikke stoles på.** GPT-5 estimeres til ~$10–15/$40–60 per 1M tokens i en fil stemplet «Verified MCP 2026-05» — reell Azure-pris er **$1,25/$10,00** (input ~8–12x for høyt). To kostnadsfiler i samme plugin er uenige ~4x om GPT-4o. En arkitekt som fakturerer i NOK kan ikke bruke tallene uten å re-verifisere alt — som opphever poenget med en «deterministisk» modell. +3. **Foundry/modellkatalogen er 4–6 generasjoner bakpå** og inneholder en faktafeil som feilstyrer datasuverenitet: KB-en sier GPT-5 i Norway East «kun via Global Standard, data kan forlate regionen», men hele GPT-5-familien er deployerbar i `norwayeast` (Global Provisioned Managed), og gpt-5.5 er i Data Zone Standard `norwayeast`. +4. **Agent-orkestreringen anbefaler et vedlikeholdsmodus-produkt.** MAF 1.0 ble GA 3. april 2026 og er etterfølger til Semantic Kernel + AutoGen (begge nå kun bug/sikkerhetsfikser). KB-en presenterer SK/AutoGen som go-forward og merker MAF-orkestrering «Experimental» — stikk motsatt av virkeligheten. +5. **Den dypeste KB-en er foreldreløs.** Verken kommandoer eller agenter ruter til de 28 RAG- + 22 MLOps-filene; dybden nås bare hvis modellen autonomt laster skillet. Samme mønster rammer ROS (dokumentert 3-fils-budsjett vs. 11 filer agenten faktisk krever — truer determinisme-løftet), DPIA (Schrems/CLOUD Act-metodikk er utenfor agentens rutestier), og prosess-deliverables (NNV, gevinstrealisering, anskaffelser, kapasitet-sizing finnes som KB men ingen kommando surfacer dem). +6. **Privat sektor er andrerangs.** Seks daglige kommandoer hardkoder «norsk offentlig sektor»; onboarding kan ikke representere en privat virksomhet; finanssektor-innhold (DORA/Finanstilsynet) finnes i KB men har ingen kommandosti. + +**Verdikt:** For en *norsk offentlig* arkitekt er pluginen brukbar som rådgivnings- og utredningsverktøy, men den regulatoriske tidslinjen og kostnadstallene må re-baselines før noe deles eksternt. For en *privat enterprise* Azure/Foundry-arkitekt er den i dag et halvferdig verktøy: kjernedybden finnes, men entry-points, kalibrering og demo-flate er offentlig-sektor-først. + +--- + +## 2. Ferskhets-status + +Status: **Oppdatert** = KB matcher kilde / **Delvis** = noe korrekt, noe utdatert eller intern selvmotsigelse / **Utdatert** = løpsbærende fakta er feil. + +| Dimensjon | Status | Hva som konkret har endret seg siden KB-dato | Verifiserende kilde (URL + dato) | +|-----------|--------|----------------------------------------------|----------------------------------| +| **EU AI Act** | Utdatert | Digital Omnibus (prov. enighet 6.–7. mai 2026): Annex III-høyrisiko utsatt 2. aug 2026 → **2. des 2027**; Annex I-innebygd → 2. aug 2028; Art. 50 syntetisk-innhold-frist kuttet 6→3 mnd (2. des 2026); ny Art. 5-forbud (NCII/CSAM). GPAI i kraft siden 2. aug 2025 (KB sier fremtidig). Art. 99-bøter feil i provider-fil (30M/6 % — finnes ikke; korrekt 35M/7 %, 15M/3 %). Nkom nå utpekt koordinerende tilsyn (KB: «under etablering»). | [Consilium 7. mai 2026](https://www.consilium.europa.eu/en/press/press-releases/2026/05/07/); [Gibson Dunn Omnibus](https://www.gibsondunn.com/eu-ai-act-omnibus-agreement-postponed-high-risk-deadlines-and-other-key-changes/); [AI Act Art. 99](https://artificialintelligenceact.eu/article/99/) — alle aksessert 2026-06-18. **NB:** Omnibus er **provisorisk, ikke vedtatt** — OJ-publisering ventet før 2. aug 2026. Tidslinjen skal merkes «foreløpig, avventer OJ». | +| **DPIA/GDPR + overføring** | Delvis | EU Data Boundary **fullført feb 2025** (KB: «status å verifisere», bruker «West Europe» som anker for trygd/helse). DPF: Latombe-søksmålet **avvist av Underretten 3. sep 2025** (KB: «utfordret av NOYB, gyldig per 2026»). EDPB Opinion 28/2024 (anonymisering av AI-modeller) ikke reflektert. KI-loven (høring sommer 2025, tiltenkt ~aug 2026) mangler i DPIA-stien. | [Microsoft EUDB-fullføring 2025-02-26](https://blogs.microsoft.com/on-the-issues/2025/02/26/microsoft-completes-landmark-eu-data-boundary-offering-enhanced-data-residency-and-transparency/); [IAPP Latombe](https://iapp.org/news/a/european-general-court-dismisses-latombe-challenge-upholds-eu-us-data-privacy-framework); [regjeringen.no Nkom](https://www.regjeringen.no/en/whats-new/gjor-norge-klar-for-trygg-og-innovativ-ki-bruk/id3093081/) — aksessert 2026-06-18 | +| **ROS** | Delvis | NSM Grunnprinsipper sitert v2.0/2022 — gjeldende er **v2.1 (31. mai 2024)**. Art. 99-bot feil (30M/6 %) i metodikkfil, motsier agentens egne korrekte tall. OWASP Top 10 for Agentic Applications 2026 (ASI01–ASI10, publ. 9. des 2025) ikke mappet. MITRE ATLAS AML.T0051 feilmerket «LLM Agent Hijacking» (er «LLM Prompt Injection»). EchoLeak (CVE-2025-32711) ikke dekket. | [NSM GP v2.1](https://nsm.no/aktuelt/ny-versjon-av-nsms-grunnprinsipper-for-ikt-sikkerhet-klar); [OWASP Agentic 2026](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/); [CVE-2025-32711 EchoLeak](https://thehackernews.com/2025/06/zero-click-ai-vulnerability-exposes.html) — aksessert 2026-06-18 | +| **Foundry / modellkatalog** | Utdatert | Katalog stopper ved gpt-5.2 (des 2025); mangler GPT-5.3/5.4/5.5, gpt-chat-latest, gpt-oss, sora-2, gpt-image-2. Norway East GPT-5-residens **feil** (hele familien i `norwayeast` Global Provisioned Managed; gpt-5.5 i Data Zone Standard `norwayeast`). 88 doc-lenker bruker pensjonert `azure/ai-foundry/`-navnerom. «Connected Agents»-framing erstattet av Prompt/Hosted agents + Responses API. Foundry Local på Azure Local (suveren/air-gapped) mangler. | [MS Learn region-availability](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure-region-availability); [models-sold-directly-by-azure](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) — aksessert 2026-06-18 | +| **Copilot / Power** | Delvis | Computer-Using Agents **GA 13. mai 2026** i alle kommersielle geos (KB: «Preview, US-only» — fraråder aktivt CUA). Modellkatalog flere generasjoner bakpå (GPT-4.1 som default; GPT-5.5 Instant/Reasoning, Claude 4.6/Opus mangler/feilmerket). M365 E7 (GA mai 2026, ~$99/bruker) og Agent 365 (GA 1. mai 2026) ikke i lisensmatrise. Anthropic-modeller utenfor EU Data Boundary, off-by-default for EU/EFTA fra 4. mai 2026 — ikke flagget i copilot-studio.md. | [Copilot Studio what's-new (ms.date 2026-05-14)](https://learn.microsoft.com/en-us/microsoft-copilot-studio/whats-new); [CUA GA-blogg 13. mai 2026](https://techcommunity.microsoft.com/blog/copilot-studio-blog/computer-using-agents-in-microsoft-copilot-studio-are-now-generally-available/4519427) — aksessert 2026-06-18 | +| **Agent-orkestrering** | Utdatert | **MAF 1.0 GA 3. april 2026**; Semantic Kernel + AutoGen i vedlikeholdsmodus (ingen nye features). KB presenterer SK/AutoGen som go-forward, MAF-orkestrering merket «Experimental» (5 kjernemønstre er stabile; kun Python Functional Workflow API er eksperimentell). A2A dokumentert v0.3 — nå **v1.0** (signerte Agent Cards, gRPC). Entra Agent ID GA april 2026 (overflatisk dekket). Build 2026: Hosted Agents, Agent Harness, CodeAct mangler helt. | [MAF 1.0 GA](https://devblogs.microsoft.com/agent-framework/microsoft-agent-framework-version-1-0/); [Entra Agent ID](https://learn.microsoft.com/en-us/entra/agent-id/what-is-microsoft-entra-agent-id); [A2A v1.0](https://a2a-protocol.org/latest/) — aksessert 2026-06-18 | + +### Note: UNVERIFISERTE / kun delvis bekreftede påstander (behandle med forsiktighet) + +Disse er bekreftet i retning, men eksakt detalj er **ikke** uavhengig verifisert i auditen — de skal **ikke** asserteres i delt output uten fersk sjekk: + +- **Foundry preview-chat-modellenes nøyaktige pensjonsdato.** Funnet oppga «2026-06-29», men kilder peker mot juni 2026 / 1. juni 2026 for gpt-5.3-chat preview. Den eksakte datoen er ikke bekreftet — kun at preview-chat-modeller pensjoneres nær forestående og at `gpt-chat-latest` er etterfølgeren. Verifiser mot model-retirement-schedule-siden. +- **A2A v1.0 eksakt cutover-dato.** Den offisielle spec-siden gir ingen presis dato, kun «breaking changes» + bakoverkompatibilitet via dual-versjon Agent Cards. v1.0-eksistensen og featuresettet er solid; datoen er det ikke. +- **A2A-saksnummeret C-703/25 P** (DPF CJEU-anke) kunne ikke bekreftes fra søkeresultater. Underrettens avvisning 3. sep 2025 er bekreftet; saksnummeret er uverifisert. +- **GPT-5/5.x absolutte token-priser ut over GPT-5 flagship ($1,25/$10,00, bekreftet).** Azure-prissiden er JS-rendret; gpt-5.2 ($1,75/$14) og andre tiers bør re-hentes via pricing-kalkulator før de tallfestes i klient-output. +- **PTU per-time NOK-rate.** Microsoft publiserer ikke en flat per-PTU/time-pris slik KB-en antyder; eksternt sett ~$2 448/mnd inngangsnivå. KB-ens breakeven-tall er fabrikerte avrundinger og ikke reproduserbare. +- **Microsoft product-capability-påstander i ai-act-microsoft-tools-mapping.md** (15 automated evaluation actions, C2PA-watermarking, Compliance Manager EU AI Act-template) ble ikke re-sjekket mot Microsoft Learn — behandle som plausible-men-uverifiserte. +- **Norges Bank USD/NOK-kurs** (KB hardkoder 10,50 per feb-2026; mid-juni 2026 ~9,5 ifølge søk, men ikke autoritativt verifisert i auditen). +- **WAF/CAF-deliverable-funnets sourceCheck** var UNVERIFIED på selve gap-et; WAF/CAF som rammeverk er etablerte, men «kritisk hull»-framingen er en skjønnsvurdering, ikke en verifisert faktafeil. + +--- + +## 3. Prioriterte forbedringer + +### P1 — Tillit og korrekthet (blokker for trygg ekstern bruk) + +**Tema A: Re-baseline EU AI Act-tidslinjen (Digital Omnibus)** +- **Hva er feil:** Hele frist-tabellen i `CLAUDE.md:120`, `ai-act-assessor.md:141-144`, `ai-act-classification-methodology.md:280`, `ai-act-compliance-guide.md`, `ai-act-conformity-assessment.md:332-339`, `ai-act-annex-iii-checklist.md`, `ai-act-microsoft-tools-mapping.md` og `ai-act-deployer-obligations.md` ankrer høyrisiko på 2. aug 2026. +- **Hvorfor det betyr noe:** Tidslinjen er løpsbærende for hver roadmap, handlingsplan og «frist»-kolonne. Arkitekten feilråder organisasjonen på den enkeltfaktoren med størst konsekvens for investering og sekvensering. +- **Anbefaling:** Erstatt med to-trinns høyrisiko-datoer (Annex III: 2. des 2027; Annex I-innebygd: 2. aug 2028), legg til Art. 5-forbud + Art. 50-frist 2. des 2026, og merk hele tidslinjen «foreløpig, avventer OJ-publisering». Utvid `kb-update` til å polle EUR-Lex/Commission/regjeringen.no (ikke bare Microsoft Learn — som strukturelt ikke kan fange dette). +- **Estimat:** M (én kanonisk dato-boks transkludert overalt + kb-update-utvidelse). + +**Tema B: Fiks kostnadslaget — én sannhetskilde, korrekte tall** +- **Hva er feil:** GPT-5 ~8–12x for høyt i `gpt5-gpt41-pricing-models.md` (stemplet «Verified MCP 2026-05»); `cost-models.md` vs `deterministic-cost-calculation-model.md` uenige ~4x om GPT-4o ($10/$30 vs $2,50/$10); begge navngitt som kostnadskilde i CLAUDE.md-rutingen → agenten kan lese hvilken som helst. +- **Hvorfor det betyr noe:** Verifiseringsplikt-brudd: «Verified»-stempel på en gjetting. En arkitekt som presenterer NOK-budsjett til styret over-budsjetterer GPT-5 og styrer klienten bort fra den av feil grunn. +- **Anbefaling:** Gjør `deterministic-cost-calculation-model.md` til eneste prissannhet; strip pris-tabeller ut av `cost-models.md`; sett GPT-5 til $1,25/$10,00 (verifisert) og legg til GPT-5-familien; fjern «Verified»-stempel fra alle tall som faktisk var estimater; slett GPT-3.5 Turbo-anbefalinger. Standardiser per-1M tokens overalt; merk PTU-NOK-tall som illustrative til reelle SKU-priser hentes. +- **Estimat:** M. + +**Tema C: Rett Norway East GPT-5-datasuverenitet** +- **Hva er feil:** `model-catalog-2026.md:272-279/336-340/383` og `azure-ai-foundry.md:272-275` sier GPT-5 i Norway East er ikke-resident og anbefaler unødvendig Sweden Central-migrasjon. +- **Hvorfor det betyr noe:** Datasuverenitet under GDPR/Schrems II er den mest konsekvensrike beslutningen i dimensjonen for offentlig sektor. (Nyanse fra verifisering: Global Provisioned Managed *er* et globalt prosesseringsmønster — data *kan* forlate regionen — så KB-ens forsiktighet er teknisk riktig *for den deployment-typen*; feilen er utelatelsen av Global/Global-PTU-tilgjengelighet og den nye Data Zone Standard `norwayeast` for gpt-5.5.) +- **Anbefaling:** Korriger Norway East-radene for hele GPT-5-familien (Global Standard + Global Provisioned Managed), legg til gpt-5.5 Data Zone Standard `norwayeast`, og skriv om beslutningstreet så GPT-5 presenteres som data-resident alternativ via Regional PTU der streng residens kreves. +- **Estimat:** S–M. + +**Tema D: Korriger agent-rammeverk-anbefalingen (MAF 1.0)** +- **Hva er feil:** `semantic-kernel-agents-implementation.md`, `multi-agent-orchestration-patterns.md`, `declarative-vs-imperative-agent-design.md` presenterer SK/AutoGen som go-forward og MAF-orkestrering som «Experimental». +- **Hvorfor det betyr noe:** Rammeverksvalg er den høyest-leverte arkitekturbeslutningen i et multiagent-bygg. Å anbefale et vedlikeholdsmodus-SDK til et greenfield Foundry-prosjekt er en direkte, kostbar feilstyring. +- **Anbefaling:** Status-banner: MAF 1.0 er GA og etterfølger til SK + AutoGen (begge vedlikeholdsmodus). Nye bygg → MAF; SK/AutoGen kun for eksisterende kodebaser med migrasjonsplan. Oppdater MAF-orkestrering til GA/stabil for de 5 mønstrene (kun Python Functional Workflow API eksperimentell). Lenk offisielle migrasjonsguider. +- **Estimat:** M. + +**Tema E: Art. 99-bøter — slett den ikke-eksisterende 30M/6 %-raten** +- **Hva er feil:** `ai-act-provider-obligations.md:13` og `ros-methodology-ns5814-iso31000.md:236` siterer «30 millioner EUR / 6 %» (2021-utkast, finnes ikke i vedtatt forordning). Begge motsies av korrekte tall andre steder i samme KB. +- **Hvorfor det betyr noe:** En arkitekt som siterer 30M/6 % til styre/jurist siterer en juridisk ikke-eksisterende bot — kredibilitetsdrepende foran tilsyn. +- **Anbefaling:** Korriger til Art. 99 tre-tier (35M/7 % for Art. 5-forbud; 15M/3 % for høyrisiko/Art. 9-27; 7,5M/1 % for feilinformasjon). Lag én kanonisk bot-tabell referert av alle filer. Grep KB for «6 %»/«30 millioner» for å fange gjenværende forekomster (én ekstra i `transparency-documentation-standards.md:689`). +- **Estimat:** S. + +### P2 — Ruting og nåbarhet (dybden finnes, men er foreldreløs) + +**Tema F: Rut til den dype engineering-/RAG-/MLOps-KB-en** +- **Hva mangler:** Ingen kommando/agent ruter til 28 RAG- + 22 MLOps-filer; kun `generate-skills.md` (KB-forfatter-manifest) refererer dem. `architecture-review-agent` ruter kun til advisor/governance/security. +- **Hvorfor det betyr noe:** 153-fils engineering-skillet er betalt for, men nås kun ved autonom skill-aktivering — ikke deterministisk. Den dypeste byggbare dybden er latent. +- **Anbefaling:** Legg eksplisitt Read-ruting til RAG/MLOps-kjernefiler i `architecture-review-agent`, `research-agent` og `poc`-kommandoen (samme navngitte-fil-mønster som security/cost allerede bruker). Dokumenter et `/architect:engineering`- eller RAG-design-entry-point. +- **Estimat:** M. + +**Tema G: Fiks ROS-rutingsmotsetningen (determinisme-løftet)** +- **Hva er feil:** `CLAUDE.md:81` sier «max 3 filer» for ros-analysis-agent; `ros-analysis-agent.md` lister 11; `ros.md:49-53` ber om 5 + sektorsjekklister. Truslebiblioteket alene er ~1004 linjer. +- **Hvorfor det betyr noe:** Enten skipper agenten filer stille (to analytikere får ulike trusselsett/scorer — motsatt av «deterministisk») eller sprenger budsjettet. Reproduserbarhet er et hovedløfte. +- **Anbefaling:** Forson regelen med virkeligheten: hev/kvalifiser budsjettet for ros-analysis-agent, eller splitt truslebiblioteket i per-kategori-filer lastet betinget. Angi eksplisitt, håndhevet last-rekkefølge. Legg MAESTRO + DPIA-security-integration til betinget i `ros.md` (ikke bare i agentfilen). +- **Estimat:** M. + +**Tema H: Gjør DPIA-agenten i stand til å nå Schrems/CLOUD Act-metodikken** +- **Hva mangler:** `dpia-agent.md` lister «Cross-border transfers (Schrems II)» som risiko #7 men ruter kun til 3 filer uten TIA-metodikk. EDPB seks-stegs-TIA, CLOUD Act/FISA 702-restanalyse bor i filer agenten aldri laster. (CLOUD Act *finnes* 11 steder i pluginen, men ingen i DPIA-agentens stier.) +- **Hvorfor det betyr noe:** Agenten produserer en DPIA som *navngir* Schrems-risikoen men ikke kan vurdere eller mitigere den. DPO-en vil spørre «kan amerikanske myndigheter nå disse dataene?» — agenten har intet grunnlagt svar. +- **Anbefaling:** Legg `data-residency-audit-monitoring.md` (eller ny TIA-metodikkfil) til DPIA-agentens betingede last under en «cross-border»-trigger. Forfatt eksplisitt CLOUD Act/FISA 702/EO 14086-seksjon: EUDB holder data i EØS men fjerner ikke tredjelands-tilgangsmulighet; restoverføringer krever dokumentert TIA med tekniske tiltak (CMK, customer lockbox, confidential computing). +- **Estimat:** M–L (krever forfatting av ny EDPB-seks-stegs-metodikk, ikke bare re-ruting). + +**Tema I: Wire de foreldreløse deliverable-KB-ene** +- **Hva mangler:** `samfunnsokonomisk-analyse-nnv.md`, `gevinstrealisering-dfo-methodology.md`, `anskaffelser-ai-procurement-framework.md`, `capacity-feasibility-benchmarks.md`, `gpu-compute-sizing.md`, `alternativanalyse-methodology.md` — alle eksisterer, ingen kommando/agent surfacer dem. +- **Hvorfor det betyr noe:** Kunnskapen er skrevet og betalt for, men ikke overflatebar. `/architect:compare` ignorerer den vektede MCA-metodikken som allerede ligger i KB — en bar pros/cons-tabell overlever ikke en anskaffelses-klage eller styre-utfordring. +- **Anbefaling:** Wire inn via dedikerte/utvidede kommandoer: `/architect:businesscase` (NNV + gevinstrealisering), `/architect:anskaffelse` (kravspek + terskelverdi), kapasitet-sizing inn i `/architect:cost`, og en «weighted»-modus i `/architect:compare` som bruker `alternativanalyse-methodology.md`. +- **Estimat:** M per kommando. + +### P3 — Ferskhets-hygiene og dekningsgap + +**Tema J: Currency-pass på hurtigbevegelige flater** +- Agentic retrieval er **GA** (REST 2026-04-01, knowledge bases/sources, multi-source) — KB sier «Preview, single-index» (`agentic-rag-patterns.md`). **S.** +- Prompt Flow er **pensjonert** (EOL 2027-04-20, migrer til MAF) — brukt som anbefalt verktøy i ~6 filer uten advarsel. Legg pensjon-banner + re-pek til MAF. **S.** +- A2A v0.3 → v1.0 (signerte Agent Cards). **S.** +- CUA Preview/US-only → GA 13. mai 2026, alle geos; oppdater RPA-vs-CUA-tabellen. **S.** +- M365 E7 + Agent 365 inn i lisensmatrise (`licensing-matrix.md`, stalest, dater 2026-01). **M.** +- NSM Grunnprinsipper v2.0 → v2.1. **S.** +- `azure/ai-foundry/` → `azure/foundry/` (88 lenker); oppdater kb-update sitemap-mål. **M.** + +**Tema K: Trussel-dekning for 2026-realiteten** +- OWASP Top 10 for Agentic Applications 2026 (ASI01–ASI10) mappes inn i ROS Category 6 + MAESTRO. **M.** +- EchoLeak (CVE-2025-32711) zero-click M365 Copilot-eksfiltrasjon som egen/utvidet trussel. **S.** +- MITRE ATLAS AML.T0051-feilmerking + remap agent-autonomi-trusler mot Oct-2025 ATLAS agent-teknikker. **S.** +- Defender «Threat protection for AI services» (GA runtime-alerts) som egen KB-fil, ikke bare scoring-checkbox. **M.** +- Fire manglende OWASP-referansefiler (LLM04/06/08/09 viser «—» i SKILL.md-tabellen). **M.** + +**Tema L: Foundry-dekning for suverenitet** +- Foundry Local på Azure Local (Arc/Kubernetes, air-gapped) — den mest offentlig-sektor-relevante varianten — mangler helt. **M.** +- EDPB Opinion 28/2024 (AI-modeller og personopplysninger): mykgjør «anonymisert = utenfor scope» til krav om re-identifiserings-vurdering. **S.** + +--- + +## 4. Quick wins denne uka (S, høy verdi, lav risiko) + +Alle er rene tekst-rettelser av verifiserte faktafeil — ingen arkitektur-endring, lav regresjonsrisiko: + +1. **Art. 99-bøter** → `skills/ms-ai-governance/.../ai-act-provider-obligations.md:13` og `skills/.../ros-methodology-ns5814-iso31000.md:236`. Bytt 30M/6 % → 35M/7 % (Art. 5) / 15M/3 % (høyrisiko). Grep også `transparency-documentation-standards.md:689`. +2. **GPT-5-pris** → `skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md`. Sett $1,25/$10,00 (verifisert), fjern «Verified MCP 2026-05»-stempel fra estimat-bånd. +3. **GPT-4o-motsetning** → `skills/ms-ai-advisor/references/architecture/cost-models.md:42`. Rett $10/$30 → $2,50/$10,00 (eller fjern pris-tabell og referer deterministic-modellen). +4. **MAF-status-banner** → topp av `semantic-kernel-agents-implementation.md` + `multi-agent-orchestration-patterns.md`: «MAF 1.0 GA; SK/AutoGen vedlikeholdsmodus». +5. **Prompt Flow pensjon-banner** → hver fil som anbefaler Prompt Flow (`prompt-flow-production-deployment.md`, `genaiops-llm-specific-practices.md`, `rag-evaluation-frameworks.md`, `rag-core-patterns.md`, `azure-ai-search-setup.md`): «Pensjoneres 2027-04-20, migrer til MAF». +6. **NSM Grunnprinsipper-versjon** → `ros-methodology-ns5814-iso31000.md:29`: v2.0 (2022) → v2.1 (2024). +7. **CUA-status** → `copilot-studio.md:51/170/208` + RPA-vs-CUA-tabell (linje 195-206): Preview/US-only → GA 13. mai 2026, alle kommersielle geos. +8. **EU AI Act frist-tabell-banner** → `CLAUDE.md:120` + `ai-act-assessor.md:141-144`: legg til topp-note «Foreløpig — Digital Omnibus utsetter Annex III-høyrisiko til 2. des 2027 (avventer OJ-publisering)». (Full re-baseline er M, men denne advarselen er S og stopper umiddelbar feilråding.) +9. **GPAI in-force** → splitt GPAI ut av høyrisiko-raden i `CLAUDE.md:120` og `ai-act-assessor.md:143`: «Art. 53/55 + Code of Practice i kraft siden 2. aug 2025; håndheving fra 2. aug 2026». +10. **EØS/«direkte gjeldende»** → fjern den ukvalifiserte påstanden i `ai-act-compliance-guide.md:10`; erstatt med én status-boks (ikke EØS-innlemmet per dato; KI-loven ~aug 2026; norske aktører i EU-markedet bundet av EU-datoer uansett). + +--- + +## 5. Privat-sektor-paritet + +Pluginens README hevder den forblir «useful for any enterprise context», men kommando-flate, onboarding og demo-data er systematisk offentlig-sektor-først. En privat norsk enterprise Azure/Foundry-arkitekt er andrerangs: + +**Verifiserte mangler:** + +1. **Onboarding kan ikke representere en privat virksomhet.** `onboarding-agent.md:34` sektor-valg er `Statlig/Kommunal/Fylkeskommune/Helseforetak/Undervisning/Annet` — en bank må velge «Annet». Reguleringslisten (`:37`) er kun offentlig lov (ingen Finansforetaksloven, DORA, Verdipapirhandelloven). org/-filer leses av alle 11 agenter for kalibrering → privat arkitekts hele nedstrøms-opplevelse kalibreres mot et offentlig-sektor-skjelett. + - **Anbefaling:** Legg til private sektor-valg (Finans/bank/forsikring, Industri, Handel, Energi, Telekom, AS/konsern) + privat regulerings-sett. Forgren intervjuet så private ikke spørres Offentleglova/Arkivloven. Betinget Fase 3-gren for regulert privat sektor (DORA-scope, Finanstilsynet, egen dataklassifiserings-taksonomi). + +2. **EU AI Act-klassifisering hardkoder offentlig sektor** — men AI Act gjelder *alle* providers/deployers. `classify.md:11` («for et AI-system i norsk offentlig sektor»), defaulter brukertyper til «borgere, saksbehandlere, interne». Seks daglige kommandoer (classify, dpia, ros, frimpact, utredning, review) hardkoder «offentlig sektor»; kun `security.md:22` og `compare.md` behandler kontekst som parameter. + - **Anbefaling:** Gjør sektor til parsed parameter i alle seks (som security.md), default nøytral. Offentlig-spesialisering aktiveres på detektert kontekst. (Nyanse: FRIA er *også* obligatorisk for noen private deployers — kredittverdighet, forsikringsprising — så «reserver FRIA for offentlig» er upresist.) + +3. **Privat-sektor-regulatorer finnes i KB men har ingen kommandosti.** `ros-sector-checklists.md §3 Finans` har en 17-punkts finanssjekkliste (Finansforetaksloven, DORA 2022/2554, IKT-forskriften, Verdipapirhandelloven, EBA/GL/2023/06) — nåbar kun via `/architect:ros`, som rammer hele analysen som «offentlig sektor». `/architect:requirements` detekterer *ikke* sektor (kun rolle provider/deployer). Ingen help/README forteller en finans-arkitekt at DORA/Finanstilsynet-dekning eksisterer. + - **Anbefaling:** Privat-sektor-aware compliance-entry (f.eks. `/architect:requirements` detekterer Finans → DORA/Finanstilsynet), eller minimum dokumenter sektor-sjekklistene i help.md og README. + +4. **Ingen sektor-nøytral «Solution Architecture Document».** `/architect:utredning` er eksplisitt scoped til utredningsinstruksen (`utredning.md:11`). En privat arkitekt som vil ha et vanlig SAD (kontekst, krav/NFR, opsjoner, valgt design, risiko, roadmap) uten offentlig-sektor-stillaset må enten over-invokere utredning eller stitche adr+summary+diagram manuelt. + - **Anbefaling:** Sektor-nøytral `/architect:design` som persisterer Fase 6-output strukturert. I dag er valget «ephemeral chat» eller «full utredning» — intet imellom. + +5. **Ingen tredjeparts-/SaaS-/shadow-AI-vurdering** — en daglig privat-enterprise-oppgave. `license.md` mapper Microsoft-lisenser, ikke eksterne leverandører. + - **Anbefaling:** `/architect:vendor` (eller utvid `/compare` til ikke-Microsoft SaaS): due-diligence-sjekkliste (dataresidens, sub-prosessorer, DPA, Schrems II, AI Act deployer-forpliktelser). + +6. **README/help/playground signaliserer offentlig-sektor-bane.** README har dedikert «Norwegian Public Sector Features» (linje 278), `help.md` ruter steg 2 til «utredning for offentlig sektor» som kanonisk. Playground-seed er 100 % offentlig («Acme Kommune», saksbehandler, borger). En privat arkitekt ser sin egen brukssak ingensteds. + - **Anbefaling:** Parallell privat-enterprise-arbeidsflyt i README + help (classify → security → cost → ADR, uten utredning/FRIA); minst ett privat-sektor-seed-prosjekt i playground (f.eks. bank fraud-detection under DORA/Finanstilsynet). + +**Konklusjon privat-sektor:** Kjerne-dybden (sikkerhetsscoring, kostnadsmodell, RAG/engineering-KB, finans-sjekkliste) er sektor-agnostisk og verdifull. Det som mangler er *entry-points, kalibrering og navigasjon* — i stor grad mekaniske endringer (parametrer sektor, forgren onboarding, dokumenter eksisterende innhold), ikke nytt KB-arbeid. Paritet er innen rekkevidde uten å bygge en ny plugin. From 70f24fa9df7ef38dbcc20bb61b98878973181897 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 12:00:34 +0200 Subject: [PATCH 003/309] =?UTF-8?q?fix(ms-ai-architect):=20re-baseline=20E?= =?UTF-8?q?U=20AI=20Act-tidslinje=20(Digital=20Omnibus)=20+=20Art=2099-b?= =?UTF-8?q?=C3=B8tesatser?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Annex III hoyrisiko utsatt 2026-08-02 -> 2027-12-02 (provisorisk, Omnibus); Annex I -> 2028-08-02. Oppdatert CLAUDE.md frister, session-start-hook, ai-act-assessor output-mal + 5 AI Act-KB-filer. - Art 99-boter: 30M/6% (finnes ikke) -> 35M/7% (Art 5), 15M/3% (ovrig), 7.5M/1% (feilinfo) i 4 filer. - Art 50 transparens presisert (gjelder 2026-08-02; eksist. generative systemer frist 2026-12-02). Fjernet hardkodede dag-nedtellinger i CLAUDE.md. Verifisert mot Consilium/Gibson Dunn/Latham/artificialintelligenceact.eu 2026-06-18. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- CLAUDE.md | 10 +++++++--- agents/ai-act-assessor.md | 7 ++++--- hooks/scripts/session-start-context.mjs | 9 ++++++--- .../ros-methodology-ns5814-iso31000.md | 2 +- .../responsible-ai/ai-act-annex-iii-checklist.md | 8 +++++--- .../ai-act-classification-methodology.md | 4 ++-- .../responsible-ai/ai-act-conformity-assessment.md | 13 +++++++------ .../responsible-ai/ai-act-deployer-obligations.md | 4 ++-- .../ai-act-microsoft-tools-mapping.md | 2 +- .../responsible-ai/ai-act-provider-obligations.md | 4 ++-- .../responsible-ai-training-awareness.md | 2 +- .../transparency-documentation-standards.md | 2 +- 12 files changed, 39 insertions(+), 28 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index a0b7da0..862970e 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -113,12 +113,16 @@ Se `references/architecture/recommended-mcp-servers.md` for detaljer. ## Viktige frister (EU AI Act) +> **NB — Digital Omnibus (provisorisk):** EU-rådet og Parlamentet ble 7. mai 2026 enige om å utsette høyrisiko-fristene (Digital Omnibus). Endringene trer i kraft først ved formell vedtakelse + publisering i Official Journal (ventet før 2026-08-02), så datoene under er **foreløpige**. Des. 2027 er en **ytre grense** — Kommisjonen kan fremskynde til 6 mnd etter at standarder/spesifikasjoner/veiledning er på plass. Kjør `/architect:classify` for systemspesifikk vurdering. + | Frist | Krav | Status | |-------|------|--------| | 2025-02-02 | Forbudte AI-praksiser (Art. 5) | Gjeldende | -| 2025-08-02 | Governance og sanksjoner (Art. 99) | Gjeldende | -| 2026-08-02 | GPAI-krav + Annex III høyrisiko | 161 dager | -| 2027-08-02 | Alle høyrisiko-krav (full compliance) | 527 dager | +| 2025-08-02 | GPAI-krav + governance/sanksjoner (Art. 99) | Gjeldende | +| 2026-08-02 | Transparens (Art. 50): merking av syntetisk innhold gjelder | Gjeldende | +| 2026-12-02 | Art. 50(2): frist for maskinlesbar merking i eksisterende generative systemer | Overgang (Omnibus) | +| 2027-12-02 | Annex III høyrisiko (frittstående) — utsatt fra 2026-08-02 | Provisorisk (Omnibus) | +| 2028-08-02 | Annex I høyrisiko (innebygd i regulerte produkter) | Provisorisk (Omnibus) | **Tilsynsmyndigheter:** Datatilsynet (personvern), nasjonal AI-tilsynsmyndighet (under etablering), sektortilsyn. diff --git a/agents/ai-act-assessor.md b/agents/ai-act-assessor.md index 143eecf..b5240cb 100644 --- a/agents/ai-act-assessor.md +++ b/agents/ai-act-assessor.md @@ -139,9 +139,10 @@ Anbefal oppfølgingsaktiviteter: | Frist | Krav | Relevans | |-------|------|----------| | 2025-02-02 | Forbudte AI-praksiser (Art. 5) | [Gjelder/Gjelder ikke] | -| 2025-08-02 | Governance og sanksjoner (Art. 99) | [Gjelder/Gjelder ikke] | -| 2026-08-02 | GPAI-krav + Annex III høyrisiko | [Gjelder/Gjelder ikke] | -| 2027-08-02 | Alle høyrisiko-krav (full compliance) | [Gjelder/Gjelder ikke] | +| 2025-08-02 | GPAI-krav + governance/sanksjoner (Art. 99) | [Gjelder/Gjelder ikke] | +| 2026-08-02 | Transparens (Art. 50, syntetisk innhold) | [Gjelder/Gjelder ikke] | +| 2027-12-02 | Annex III høyrisiko — provisorisk (utsatt fra 2026-08-02 via Omnibus, avventer OJ) | [Gjelder/Gjelder ikke] | +| 2028-08-02 | Annex I høyrisiko innebygd (provisorisk) | [Gjelder/Gjelder ikke] | ### Referanser - [Liste over KB-filer og MCP-kilder brukt] diff --git a/hooks/scripts/session-start-context.mjs b/hooks/scripts/session-start-context.mjs index cb4a46f..062a48f 100644 --- a/hooks/scripts/session-start-context.mjs +++ b/hooks/scripts/session-start-context.mjs @@ -76,10 +76,13 @@ if (lastPollDaysAgo > 7) { // --- 3. Check EU AI Act deadlines --- const AI_ACT_DEADLINES = [ + // NB: Digital Omnibus (prov. enighet 2026-05-07) utsatte høyrisiko; datoer foreløpige til OJ-publisering. { date: new Date('2025-02-02'), label: 'Forbudte AI-praksiser (Art. 5)' }, - { date: new Date('2025-08-02'), label: 'Governance + sanksjoner (Art. 99)' }, - { date: new Date('2026-08-02'), label: 'GPAI-krav + høyrisiko i Annex III' }, - { date: new Date('2027-08-02'), label: 'Alle høyrisiko-krav (full compliance)' }, + { date: new Date('2025-08-02'), label: 'GPAI-krav + governance/sanksjoner (Art. 99)' }, + { date: new Date('2026-08-02'), label: 'Transparens Art. 50 (syntetisk innhold)' }, + { date: new Date('2026-12-02'), label: 'Art. 50(2) merking — frist for eksisterende generative systemer (Omnibus)' }, + { date: new Date('2027-12-02'), label: 'Annex III høyrisiko (provisorisk, Omnibus — utsatt fra 2026-08-02)' }, + { date: new Date('2028-08-02'), label: 'Annex I høyrisiko innebygd (provisorisk, Omnibus)' }, ]; let nearestDeadline = null; diff --git a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md index 7e0ff71..5e9a36e 100644 --- a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md +++ b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md @@ -233,7 +233,7 @@ Konsekvenser vurderes langs fire dimensjoner. Samlet konsekvens-score er det hø **Omdømme:** For offentlige virksomheter er tillit til det offentlige en selvstendig verdi. Vurder om hendelsen kan svekke innbyggernes tillit til offentlig forvaltning generelt, ikke bare den aktuelle virksomheten. -**Juridisk:** GDPR-brudd som involverer sensitive personopplysninger kan automatisk eskalere til nivå 4–5. AI Act-brudd for høyrisiko AI-systemer etter 2026 kan medføre bøter på inntil 30 millioner EUR eller 6 % av global omsetning. +**Juridisk:** GDPR-brudd som involverer sensitive personopplysninger kan automatisk eskalere til nivå 4–5. AI Act-brudd kan medføre bøter på inntil €35 mill / 7 % (forbudte praksiser, Art. 5) eller €15 mill / 3 % (øvrige brudd, inkl. høyrisiko-krav) av global omsetning, jf. Art. 99. --- diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-annex-iii-checklist.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-annex-iii-checklist.md index e2c7d00..07fb812 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-annex-iii-checklist.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-annex-iii-checklist.md @@ -427,10 +427,12 @@ Den nye forvaltningsloven (vedtatt 3. juni 2025, Prop. 79 L (2024-2025)) innehol | 1. aug 2024 | AI Act trådt i kraft | Alle | | 2. feb 2025 | Forbud mot uakseptable systemer (Art. 5) | Providers og deployers | | 2. aug 2025 | Krav for GPAI-modeller (Art. 51-56) | GPAI-providers (OpenAI, etc.) | -| 2. aug 2026 | Høyrisiko-krav trer i kraft (Art. 6-27) | Providers og deployers | -| 2. aug 2026 | EU-databaseregistrering påkreves | Providers av høyrisiko-systemer | +| 2. des 2027 | Høyrisiko-krav trer i kraft (Art. 6-27) — *utsatt fra 2. aug 2026 (Omnibus, provisorisk)* | Providers og deployers | +| 2. des 2027 | EU-databaseregistrering påkreves — *utsatt (Omnibus, provisorisk)* | Providers av høyrisiko-systemer | | 2. aug 2027 | Full conformity assessment påkreves | Providers av høyrisiko-systemer | -| 2. aug 2030 | Overgangsperiode utløper for eksisterende systemer | Systemer lansert før aug 2026 | +| 2. aug 2030 | Overgangsperiode utløper for eksisterende systemer | Systemer lansert før ikrafttredelse | + +> **Digital Omnibus (provisorisk, mai 2026):** Høyrisiko-tidslinjen over er endret — Annex III-høyrisiko utsatt til 2. des 2027, Annex I-innebygd til 2. aug 2028. Nedstrøms datoer (conformity, grandfathering) forskyves tilsvarende. Trer i kraft først ved OJ-publisering (ventet før 2. aug 2026). Re-verifiser mot endelig tekst. **Norsk implementering:** - Lovutkast publisert 30. juni 2025 diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-classification-methodology.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-classification-methodology.md index faeab94..027c257 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-classification-methodology.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-classification-methodology.md @@ -1,6 +1,6 @@ # EU AI Act — Systematisk Klassifiseringsmetodikk -Last updated: 2026-02 +Last updated: 2026-06-18 Status: GA Category: Responsible AI & Governance @@ -277,4 +277,4 @@ Bruk denne filen når brukeren trenger å klassifisere et AI-system under EU AI - FRIA påkrevd → `ai-act-fria-template.md` - Offentlig sektor governance → `../norwegian-public-sector-governance/` -**Viktig presisering:** Per februar 2026 er forbudte praksiser (Art. 5) i kraft. Høyrisiko-krav (Art. 9-27) gjelder fra august 2026. GPAI-krav fra august 2025. Transparenskrav (Art. 50) fra august 2026. +**Viktig presisering (oppdatert 2026-06):** Forbudte praksiser (Art. 5) i kraft siden feb 2025. GPAI-krav i kraft siden aug 2025. Transparenskrav (Art. 50) gjelder fra 2. aug 2026 (eksisterende generative systemer: maskinlesbar merking innen 2. des 2026, Art. 50(2)). Høyrisiko-krav (Art. 9-27) er **utsatt fra 2. aug 2026 til 2. des 2027** via Digital Omnibus (provisorisk, avventer OJ-publisering; Kommisjonen kan fremskynde til 6 mnd etter at standarder foreligger). diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-conformity-assessment.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-conformity-assessment.md index 3404de3..bda61cf 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-conformity-assessment.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-conformity-assessment.md @@ -1,6 +1,6 @@ # EU AI Act — Samsvarsvurdering og EU-samsvarserklæring -**Last updated:** 2026-02 +**Last updated:** 2026-06-18 **Status:** GA **Category:** Responsible AI & Governance @@ -329,14 +329,15 @@ For offentlig sektor anbefales å avvente Datatilsynets veiledning og holde dial ### EØS-overgangsordninger -EU AI Act trer formelt i kraft i EU fra 2. august 2024 med stegvise ikrafttredelsesdatoer: -- **2. august 2025:** Forbud mot uakseptabel risiko (Art. 5) gjelder -- **2. august 2026:** Høyrisiko-krav (Art. 6–49), inkl. samsvarsvurdering og CE-merking -- **2. august 2027:** Systemer som allerede er i drift (grandfathering-periode utløper) +EU AI Act trådte i kraft i EU 1. august 2024 med stegvise ikrafttredelsesdatoer: +- **2. februar 2025:** Forbud mot uakseptabel risiko (Art. 5) gjelder +- **2. august 2025:** GPAI-krav + governance/sanksjoner (Art. 99) +- **2. desember 2027:** Høyrisiko-krav (Art. 6–49), inkl. samsvarsvurdering og CE-merking — *utsatt fra 2. aug 2026 via Digital Omnibus (provisorisk, avventer OJ)* +- **2. august 2028:** Høyrisiko innebygd i regulerte produkter (Annex I) EØS-innlemmelse forventes å skje med noe forsinkelse (typisk 1–2 år). Norske virksomheter som leverer tjenester i EU/EØS, må likevel etterleve EU AI Act fra ikrafttredelsesdatoene for å operere i EU-markedet. -**Anbefaling:** Forbered samsvarsvurdering nå, slik at CE-merking er klar til 2. august 2026. +**Anbefaling:** Forbered samsvarsvurdering i god tid før fristen (2. des 2027, provisorisk). Selv om Omnibus gir mer tid, anbefales tidlig forberedelse — datoen kan fremskyndes når harmoniserte standarder foreligger. --- diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-deployer-obligations.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-deployer-obligations.md index 269e66b..b832251 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-deployer-obligations.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-deployer-obligations.md @@ -1,6 +1,6 @@ # EU AI Act — Forpliktelser for Brukere (Deployers) -Last updated: 2026-02 +Last updated: 2026-06-18 Status: GA Category: Responsible AI & Governance @@ -162,7 +162,7 @@ Sjekkliste for innkjøp av AI-systemer — bruk ved anskaffelse av høyrisiko-AI **Leverandørdokumentasjon (13 punkter):** -- [ ] **1. CE-merking verifisering** — Bekreftet CE-merking for det aktuelle AI-systemet? (gjelder fra august 2026) +- [ ] **1. CE-merking verifisering** — Bekreftet CE-merking for det aktuelle AI-systemet? (gjelder fra 2. des 2027, utsatt via Omnibus — provisorisk) - [ ] **2. Samsvarserklæring (DoC)** — Provider har utstedt samsvarserklæring (Art. 47)? - [ ] **3. Bruksanvisning kvalitet** — Bruksanvisning (Art. 13) dekker alle påkrevde elementer? (se provider-obligations.md) - [ ] **4. Teknisk dokumentasjon** — Provider kan levere Annex IV-dokumentasjon på forespørsel? diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-microsoft-tools-mapping.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-microsoft-tools-mapping.md index 465cfa2..0c1b598 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-microsoft-tools-mapping.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-microsoft-tools-mapping.md @@ -202,7 +202,7 @@ Anbefalt sekvens basert på AI Act-ikrafttredelsesdatoer og risikoprioritering: ### Fase 2: Q2 2026 — Dokumentasjon og risikostyring -**Prioritet:** Oppfylle Art. 9, 10, 11 og 13-krav i god tid før august 2026 +**Prioritet:** Oppfylle Art. 9, 10, 11 og 13-krav i god tid før høyrisiko-fristen (2. des 2027, provisorisk — utsatt fra aug 2026 via Omnibus) 5. **Azure AI Foundry Evaluation:** Konfigurér automatisert evalueringspipeline (Art. 9 + Art. 11) 6. **Responsible AI Dashboard:** Kjør bias- og fairness-analyse (Art. 10) diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-provider-obligations.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-provider-obligations.md index 9c0109d..526331b 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-provider-obligations.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-provider-obligations.md @@ -1,6 +1,6 @@ # EU AI Act — Forpliktelser for Tilbydere (Providers) -Last updated: 2026-02 +Last updated: 2026-06-18 Status: GA Category: Responsible AI & Governance @@ -10,7 +10,7 @@ Category: Responsible AI & Governance En provider er enhver juridisk eller fysisk person som utvikler et AI-system (eller får det utviklet) og markedsfører det under sitt navn eller varemerke, enten mot betaling eller gratis (Art. 3(3)). For høyrisiko-AI-systemer gjelder et omfattende sett med forpliktelser under Art. 9-27. -Bøter ved brudd: Opptil **30 millioner EUR eller 6 % av global omsetning** (Art. 99(3)). +Bøter ved brudd (Art. 99): forbudte praksiser (Art. 5) opptil **€35 mill / 7 %** av global omsetning (Art. 99(3)); brudd på øvrige forpliktelser — inkludert provider-krav for høyrisiko (Art. 9–27) — opptil **€15 mill / 3 %** (Art. 99(4)); uriktig/villedende informasjon til myndigheter opptil **€7,5 mill / 1 %** (Art. 99(5)). For SMB-er/oppstartsselskap gjelder det laveste av beløp/prosent. --- diff --git a/skills/ms-ai-governance/references/responsible-ai/responsible-ai-training-awareness.md b/skills/ms-ai-governance/references/responsible-ai/responsible-ai-training-awareness.md index dd18525..a96a4b7 100644 --- a/skills/ms-ai-governance/references/responsible-ai/responsible-ai-training-awareness.md +++ b/skills/ms-ai-governance/references/responsible-ai/responsible-ai-training-awareness.md @@ -384,7 +384,7 @@ Norsk offentlig sektor har strengere krav til AI training og awareness enn priva |--------|----------------------------|-------------------|----------------------| | **AI bias-incident** (f.eks. diskriminering i rekruttering) | 30 % | Omdømmetap, rettssaker (1-10 mill NOK) | 80 % reduksjon | | **Privacy breach** (AI eksponerer sensitive data) | 20 % | GDPR-bøter (opp til 4 % av omsetning) | 90 % reduksjon | -| **Regulatory non-compliance** (EU AI Act) | 50 % (når Act trer i kraft) | Bøter (opp til 30 mill EUR) | 95 % reduksjon | +| **Regulatory non-compliance** (EU AI Act) | 50 % (når Act trer i kraft) | Bøter (opp til €35 mill / 7 %) | 95 % reduksjon | | **User mistrust** (brukere stoler ikke på AI-systemer) | 60 % | Redusert adopsjonsrate, tapte effektiviseringsgevinster | 70 % reduksjon | | **Wasted AI investments** (prosjekter feiler i prod) | 40 % | 500 000 - 5 mill NOK per feilet prosjekt | 60 % reduksjon | diff --git a/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md b/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md index a489ad6..77450e1 100644 --- a/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md +++ b/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md @@ -686,7 +686,7 @@ Hva er målgruppen? Trenger de technical details eller intuitive forklaringer?" **Når kunde sier: "Transparency er for dyrt"** **Cosmo:** "Transparency har upfront cost, men preventerer costlier incidents senere. Breakdown: -- **Compliance cost:** Bøter for EU AI Act non-compliance: Opptil 6% av global omsetning +- **Compliance cost:** Bøter for EU AI Act non-compliance: opptil €35 mill / 7 % av global omsetning (Art. 5-forbud; øvrige brudd €15 mill / 3 %) - **Incident cost:** Reputational damage ved non-disclosed AI failure: Unmålbar - **Tooling cost:** Azure ML Responsible AI dashboard: ~NOK 20-50 per scorecard From 68d29f60f0ea8886214f788179dbc8c554580f25 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 12:09:43 +0200 Subject: [PATCH 004/309] fix(ms-ai-architect): MAF 1.0 GA + A2A v1.0 + Agent 365-pris (orkestrering currency) - MAF 1.0 GA 2026-04-03: orkestreringsmonstre Experimental -> GA; SK+AutoGen konvergert (vedlikehold). - A2A: protokoll v1.0 stabil, MEN A2A-SDK/MAF-pakker fortsatt preview (nyanse bevart). - Agent 365: rettet feilaktig 'ingen ekstra kostnad' -> separat SKU ~$15/bruker/mnd (GA 2026-05-01); kilde MS Community Hub + uavh. analyse (ikke pa learn.microsoft.com). Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../agent-365-governance-and-deployment.md | 15 ++++++++++----- .../agent-to-agent-a2a-protocol.md | 14 ++++++++++---- .../semantic-kernel-agents-implementation.md | 16 +++++++++------- 3 files changed, 29 insertions(+), 16 deletions(-) diff --git a/skills/ms-ai-engineering/references/agent-orchestration/agent-365-governance-and-deployment.md b/skills/ms-ai-engineering/references/agent-orchestration/agent-365-governance-and-deployment.md index f880033..d40ad80 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/agent-365-governance-and-deployment.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/agent-365-governance-and-deployment.md @@ -1,7 +1,7 @@ # Agent 365 Governance and Enterprise Deployment -**Last updated:** 2026-05 -**Status:** GA +**Last updated:** 2026-06-18 +**Status:** GA (1. mai 2026) **Category:** Agent Orchestration & Automation --- @@ -299,12 +299,14 @@ New-MgIdentityGovernanceLifecycleWorkflow -BodyParameter $params ### Lisenskrav +**Viktig:** Microsoft Agent 365 er en **separat, betalt SKU** — ikke inkludert i Microsoft 365 Copilot-lisensen. Den ble GA **1. mai 2026** til **~$15/bruker/måned** (standalone), eller som del av Microsoft 365 E7 («Frontier Suite», ~$99/bruker/måned, som bundler M365 E5 + Microsoft 365 Copilot + Agent 365 + Entra Suite). Standalone-lisensen krever en kvalifiserende baselinjelisens (M365 E5, Defender + Purview Suite FLW, eller Business Premium). Én per-bruker-lisens dekker alle agentene til den brukeren. + | Komponent | Lisens påkrevd | Notater | |-----------|----------------|---------| -| **Agent 365 Admin Controls** | Microsoft 365 Copilot license (per user) | Inkludert i Copilot-lisensen | +| **Agent 365** | Separat Agent 365-SKU (~$15/bruker/mnd) ELLER M365 E7 (~$99/bruker/mnd) | GA 1. mai 2026. Standalone krever kvalifiserende baselinje (M365 E5 / Defender+Purview FLW / Business Premium) | | **Agent Builder** | Microsoft 365 Copilot license | For å *opprette* agents | | **Copilot Studio Agents** | Power Apps/Power Automate premiumlicense ELLER Pay-as-you-go | For customs agents med advanced capabilities | -| **Agent 365 License (auto-assign)** | Automatisk ved aktivering (Default Template) | Ingen ekstra kostnad ut over Copilot-lisens | +| **Agent 365 License (auto-assign)** | Krever at tenant har Agent 365-SKU; auto-tildeles ved aktivering (Default Template) | Auto-assign eliminerer manuell lisenstildeling, men **ikke** lisenskostnaden — Agent 365 er en betalt tillegg-SKU | ### Kostnadsoptimalisering @@ -362,9 +364,12 @@ New-MgIdentityGovernanceLifecycleWorkflow -BodyParameter $params - [Microsoft 365 Agents Deployment Checklist](https://learn.microsoft.com/en-us/copilot/microsoft-365/agent-essentials/m365-agents-checklist) – **Confidence: Verified** - [Graph API Code Samples for Lifecycle Workflows](https://learn.microsoft.com/en-us/graph/tutorial-lifecycle-workflows-onboard-custom-workflow) – **Confidence: Verified** +### Pris og GA (Verified, 2026-06-18) +- **Agent 365 GA 1. mai 2026, ~$15/bruker/mnd standalone / ~$99/bruker/mnd i M365 E7** — verifisert via Microsoft Community Hub-kunngjøring («Agent 365 will be generally available on May 1, 2026») og uavhengig lisensanalyse (SAMexpert, FindSkill). Standalone krever kvalifiserende baselinjelisens. + ### Seksjoner med Baseline Confidence - **Offentlig sektor (Norge)** – Baseline (basert på Forvaltningsloven, AI Act, GDPR-fortolkning) -- **Kostnadsoptimalisering** – Baseline (generelle prinsipper, ikke produkt-spesifikke priser fra Microsoft Learn) +- **Kostnadsoptimalisering** – Baseline (generelle prinsipper) — men Agent 365-SKU-pris (~$15/bruker/mnd) er nå verifisert, se over - **Modenhetsnivå-anbefalinger** – Baseline (syntetisert fra Microsoft Maturity Framework-prinsipper) **Total MCP calls:** 4 (microsoft_docs_search x3, microsoft_docs_fetch x3, microsoft_code_sample_search x1) diff --git a/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md b/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md index f04be8f..2fb1d54 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md @@ -1,7 +1,7 @@ # Agent2Agent (A2A) Protocol — Åpen Standard for Agent-Interoperabilitet -**Last updated:** 2026-04 | Verified: MCP 2026-04 -**Status:** Preview (Microsoft-implementasjoner) / GA (protokollspesifikasjon v0.3) +**Last updated:** 2026-06-18 | Verified: 2026-06-18 +**Status:** Stabil (protokollspesifikasjon v1.0) / Preview (Microsofts A2A-SDK + Agent Framework A2A-pakker) **Category:** Agent Orchestration & Automation --- @@ -22,7 +22,12 @@ Microsoft har implementert A2A-støtte i **Azure AI Foundry Agent Service**, **C | 50+ partnere (Accenture, Atlassian, Cohere, Salesforce, Microsoft m.fl.) | April 2025 | | Donert til Linux Foundation | Juni 2025 | | Protokollversjon v0.3 | 2025 | -| Microsoft Foundry A2A-støtte (preview) | 2025 | +| Protokollversjon v1.0 (første stabile, produksjonsklare versjon) | 2026 | +| Microsoft Foundry A2A-støtte (preview) | 2025–2026 | + +**A2A v1.0 (stabil):** Den første stabile, produksjonsklare versjonen av protokollen. Fire hovednyheter: **Signed Agent Cards** (kryptografisk verifisering av agentidentitet/metadata før interaksjon på tvers av organisasjonsgrenser), **multi-tenancy** (ett endepunkt kan trygt hoste flere agenter — relevant for SaaS), **multi-protocol bindings** (samme logiske agent eksponert over både JSON-RPC og gRPC), og **versjonsforhandling** (spec-nivå-garanti for bakoverkompatibel migrering fra v0.3 til v1.0). v0.3 er fortsatt støttet — agenter kan annonsere både v0.3 og v1.0 samtidig for gradvis migrering. + +> **Viktig nyanse (juni 2026):** Selve A2A-protokollen er **v1-stabil**, men **Microsofts A2A-SDK og Agent Framework A2A-pakkene** (`agent-framework-a2a`, `Microsoft.Agents.AI.Hosting.A2A`/`.AspNetCore`) er fortsatt i **preview**. Bygg på den stabile v1-protokollen for langsiktig garanti, men behandle .NET-/Python-verktøyet rundt den som experimental — IKKE «GA i MAF». --- @@ -680,7 +685,8 @@ app.MapA2A(agent, "/a2a/my-agent", agentCard: new() 8. **A2A Protocol Specification (offisiell)** - https://a2a-protocol.org/latest/specification/ - - Confidence: **Verified** (Linux Foundation-prosjekt, v0.3, 2025) + - https://a2a-protocol.org/latest/announcing-1.0/ (v1.0-kunngjøring) + - Confidence: **Verified (2026-06-18)** (Linux Foundation-prosjekt; v1.0 er gjeldende stabile versjon, v0.3 fortsatt støttet via versjonsforhandling) 9. **Linux Foundation — A2A Project lansering** - https://www.linuxfoundation.org/press/linux-foundation-launches-the-agent2agent-protocol-project diff --git a/skills/ms-ai-engineering/references/agent-orchestration/semantic-kernel-agents-implementation.md b/skills/ms-ai-engineering/references/agent-orchestration/semantic-kernel-agents-implementation.md index 1406329..862f2c8 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/semantic-kernel-agents-implementation.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/semantic-kernel-agents-implementation.md @@ -1,9 +1,11 @@ # Semantic Kernel and Microsoft Agent Framework - Implementation Patterns -**Last updated:** 2026-04 | Verified: MCP 2026-04 -**Status:** GA (Agent Orchestration: Experimental) +**Last updated:** 2026-06-18 | Verified: 2026-06-18 +**Status:** GA — Microsoft Agent Framework 1.0 (3. apr 2026), orchestration patterns GA **Category:** Agent Orchestration & Automation +> **Produksjonsklart rammeverk (juni 2026):** Microsoft Agent Framework (MAF) 1.0 nådde GA 3. april 2026 og er det produksjonsklare, open-source rammeverket (.NET + Python) som Semantic Kernel og AutoGen har konvergert inn i. SK og AutoGen er nå i vedlikeholds-/migrasjonsmodus (migration guides finnes); ny utvikling bør bygge på MAF. De fem orkestreringsmønstrene — Sequential, Concurrent, Handoff, Group Chat og Magentic — er **stabile (GA)** i MAF 1.0 med streaming, checkpointing, human-in-the-loop og pause/resume. + --- ## Introduksjon @@ -90,11 +92,11 @@ async for message in agent.invoke(user_message, thread): | Pattern | Koordinering | Typisk bruk | Status | |---------|-------------|-------------|--------| -| **Concurrent** | Broadcast til alle, samle resultater uavhengig | Parallell analyse, ensemble decision making | Experimental | -| **Sequential** | Pass resultat fra én agent til neste i sekvens | Pipelines, multi-stage processing | Experimental | -| **Handoff** | Dynamisk overføring basert på kontekst/regler | Escalation, expert handoff | Experimental | -| **Group Chat** | Alle agenter i gruppe, koordinert av manager | Collaborative problem solving, brainstorming | Experimental | -| **Magentic** | Planner-based manager koordinerer team | Komplekse, generalist multi-agent tasks | Experimental | +| **Concurrent** | Broadcast til alle, samle resultater uavhengig | Parallell analyse, ensemble decision making | GA i MAF 1.0 (3. apr 2026) | +| **Sequential** | Pass resultat fra én agent til neste i sekvens | Pipelines, multi-stage processing | GA i MAF 1.0 (3. apr 2026) | +| **Handoff** | Dynamisk overføring basert på kontekst/regler | Escalation, expert handoff | GA i MAF 1.0 (3. apr 2026) | +| **Group Chat** | Alle agenter i gruppe, koordinert av manager | Collaborative problem solving, brainstorming | GA i MAF 1.0 (3. apr 2026) | +| **Magentic** | Planner-based manager koordinerer team | Komplekse, generalist multi-agent tasks | GA i MAF 1.0 (3. apr 2026) | **Unified interface**: Alle orchestration patterns har samme konstruksjons- og invokasjonsmønster. From 51c1bd8c6c3def83849f40637c234e1e1e9ba51b Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 12:13:56 +0200 Subject: [PATCH 005/309] fix(ms-ai-architect): ROS + DPIA currency (NSM v2.1, OWASP Agentic 2026, EchoLeak, DPF, EUDB, KI-loven) - NSM Grunnprinsipper 2.0/2022 -> 2.1 (2024-05-31). MITRE ATLAS AML.T0051 -> 'LLM Prompt Injection'. - OWASP Top 10 Agentic Apps 2026 (ASI01-10) mappet. NB: tittel-ordlyd fra sekundaerkilder - bekreft mot offisielt OWASP-PDF for v1.16.0-release. - EchoLeak (CVE-2025-32711) lagt til T-INP-02. DPF opprettholdt (Latombe avvist 2025-09-03). EUDB fullfort feb 2025. KI-loven lagt til DPIA-grunnlag. Verifisert mot nsm.no/genai.owasp.org/curia.europa.eu/blogs.microsoft.com/regjeringen.no 2026-06-18. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../dpia-norwegian-methodology-ai.md | 4 +- .../ros-ai-threat-library.md | 37 ++++++++++++++++--- .../ros-methodology-ns5814-iso31000.md | 4 +- .../gdpr-compliance-ai-systems.md | 4 +- 4 files changed, 39 insertions(+), 10 deletions(-) diff --git a/skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md b/skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md index 8b93b54..20cb8ed 100644 --- a/skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md +++ b/skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md @@ -1,6 +1,6 @@ # DPIA - Norsk metodikk for AI-systemer -**Last updated:** 2026-02 +**Last updated:** 2026-06-18 **Status:** Gjeldende **Category:** Norwegian Public Sector AI Governance @@ -22,6 +22,8 @@ Etter personvernforordningen artikkel 35 skal det gjennomføres en DPIA når en Ny personopplysningslov av 15. juni 2018, som trådte i kraft 20. juli 2018, gjennomfører GDPR i norsk lov og gjør personvernforordningen til norsk lov. +**KI-loven (gjennomføring av EUs AI Act i norsk rett):** Digitaliserings- og forvaltningsdepartementet sendte utkast til ny lov om kunstig intelligens på høring (høringsfrist 30. september 2025). Loven gjennomfører EUs AI-forordning (AI Act) i norsk rett via EØS-avtalen, og er planlagt å tre i kraft fra sensommeren 2026 — omtrent samtidig som hoveddelen av forordningen gjelder i EU. For DPIA betyr dette at høyrisiko AI-systemer i tillegg til DPIA (GDPR art. 35) også må gjennomføre FRIA (AI Act art. 27) når KI-loven er i kraft. Status per 2026-06-18: lovproposisjon under forberedelse — se [regjeringen.no](https://www.regjeringen.no/no/aktuelt/lov-om-kunstig-intelligens-i-norge-sendes-na-pa-horing/id3113732/) for oppdatert ikrafttredelsesdato. + ### Høyrisikobehandling Det er konsekvensen og sannsynligheten for avvik fra målet (ivaretagelse av rettigheter og friheter) som skal vurderes som større enn normalt. For AI-systemer er følgende forhold særlig relevante: diff --git a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md index c0121c1..6fc72ad 100644 --- a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md +++ b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md @@ -1,6 +1,6 @@ # AI-trusselbibliotek for ROS-analyse -**Sist oppdatert:** 2026-02 +**Sist oppdatert:** 2026-06-18 **Kategori:** Norwegian Public Sector AI Governance **Status:** Established Practice **Formål:** Strukturert trusselkatalog for ros-analysis-agent — gir deterministisk trusselidentifisering med standardverdier for sannsynlighet og konsekvens @@ -9,7 +9,7 @@ ## Oversikt -Dette biblioteket inneholder **49 trusler fordelt på 9 kategorier** for systematisk AI-risikoidentifisering i norsk offentlig sektor. Biblioteket er forankret i OWASP LLM Top 10 (2025), MITRE ATLAS, NS 5814:2021, og EU AI Act vedlegg III, med tilpasninger for Microsoft-stakken (Azure AI Foundry, Copilot Studio, Power Platform, M365 Copilot). +Dette biblioteket inneholder **49 trusler fordelt på 9 kategorier** for systematisk AI-risikoidentifisering i norsk offentlig sektor. Biblioteket er forankret i OWASP LLM Top 10 (2025), OWASP Top 10 for Agentic Applications 2026, MITRE ATLAS, NS 5814:2021, og EU AI Act vedlegg III, med tilpasninger for Microsoft-stakken (Azure AI Foundry, Copilot Studio, Power Platform, M365 Copilot). Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og konsekvens representerer typiske verdier for et gjennomsnittlig offentlig sektorsystem. Agenten justerer disse basert på kontekst (borgermøtende/intern, dataklassifisering, plattformvalg). @@ -71,7 +71,7 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k | Egenskap | Verdi | |----------|-------| -| **Beskrivelse** | Ondsinnet innhold er skjult i dokumenter, nettsider, e-poster eller andre datakilder som AI-systemet prosesserer som del av en RAG-pipeline eller agentoppgave. Instruksjonene aktiveres når AI-en leser dokumentet og kan få systemet til å utføre uautoriserte handlinger. Særlig farlig i agentbaserte systemer med tilgang til eksterne ressurser. | +| **Beskrivelse** | Ondsinnet innhold er skjult i dokumenter, nettsider, e-poster eller andre datakilder som AI-systemet prosesserer som del av en RAG-pipeline eller agentoppgave. Instruksjonene aktiveres når AI-en leser dokumentet og kan få systemet til å utføre uautoriserte handlinger. Særlig farlig i agentbaserte systemer med tilgang til eksterne ressurser. **Reelt eksempel:** EchoLeak (CVE-2025-32711, CVSS 9.3) — den første kjente zero-click-sårbarheten mot en AI-agent. En ondsinnet e-post med skjulte instruksjoner fikk M365 Copilot til å eksfiltrere sensitivt innhold (chatlogg, OneDrive, SharePoint, Teams) uten brukerinteraksjon, gjennom en «LLM Scope Violation» som omgikk Microsofts XPIA-klassifikator. Oppdaget av Aim Labs, rapportert til MSRC og fullt patchet av Microsoft i 2025. | | **Standard sannsynlighet** | 3/5 | | **Standard konsekvens** | 4/5 | | **Standard risikoscore** | 12 (Oransje) | @@ -80,6 +80,7 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k | **Plattformrelevans** | Azure AI Foundry (RAG-pipelines), Copilot Studio (websøk, SharePoint), M365 Copilot | | **Microsoft-kontroll** | Azure AI Content Safety Prompt Shields (indirect attack), grounded-only svar, dokumentsandkasse i Azure AI Foundry | | **OWASP LLM** | LLM01:2025 — Prompt Injection (indirect) | +| **OWASP Agentic** | ASI01:2026 — Agent Goal Hijack | | **MITRE ATLAS** | AML.T0051.001 — Indirect Prompt Injection | --- @@ -533,6 +534,29 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k --- +## OWASP Top 10 for Agentic Applications 2026 — mapping til biblioteket + +OWASP Gen AI Security Project publiserte **OWASP Top 10 for Agentic Applications 2026** (versjon for 2026, publisert 9. desember 2025) som et eget rammeverk for agent-spesifikke risikoer, til forskjell fra OWASP LLM Top 10 som dekker LLM-applikasjoner generelt. For agentbaserte AI-systemer (Azure AI Foundry-agenter, Copilot Studio autonome agenter, Power Automate agentflows) skal ROS-analysen vurdere disse ti kategoriene i tillegg til OWASP LLM Top 10. + +> **Merknad om kilde:** Kategori-ID-ene (ASI01–ASI10) er verifisert mot flere uavhengige kilder. Den eksakte engelske tittel-ordlyden varierer noe mellom sekundærkilder (genai.owasp.org publiserer den autoritative listen i et nedlastbart dokument); ID-ene og kjernebegrepene under er konsistente på tvers av kilder. + +| ID | Kategori (engelsk) | Kort beskrivelse | Relaterte trusler i dette biblioteket | +|----|--------------------|------------------|----------------------------------------| +| **ASI01** | Agent Goal Hijack | Angriper manipulerer agentens mål/beslutningsvei, ofte via indirekte input (dokumenter, eksterne datakilder) | T-INP-02, T-AGT-01, T-AGT-06 | +| **ASI02** | Tool Misuse & Exploitation | Agenten bruker legitime verktøy på usikre måter (parameter-forgiftning, tool chain-manipulasjon, misbruk av tildelte tillatelser) | T-AGT-01, T-OUT-05, T-AGT-03 | +| **ASI03** | Agent Identity & Privilege Abuse | Misbruk av agentens identitet og rettigheter; for brede privilegier | T-DAT-05, T-AGT-01, T-AGT-07 | +| **ASI04** | Agentic Supply Chain Compromise | Kompromittering av agentens forsyningskjede (plugins, MCP, connectors, modeller) | T-SUP-04, T-SUP-06, T-SUP-01 | +| **ASI05** | Unexpected Code Execution | Uventet/uautorisert kodekjøring via agentens verktøy eller miljø | T-SUP-02, T-AGT-01 | +| **ASI06** | Memory & Context Poisoning | Forgiftning av agentens minne eller kontekst over tid | T-DAT-06, T-INP-04, T-DAT-01 | +| **ASI07** | Insecure Inter-Agent Communication | Usikker kommunikasjon mellom agenter (A2A-protokoll, message queue) | T-AGT-02 | +| **ASI08** | Cascading Agent Failures | Kaskadefeil som propagerer gjennom en agentkjede | T-AGT-02, T-AGT-04 | +| **ASI09** | Human-Agent Trust Exploitation | Utnyttelse av menneskets tillit til agenten | T-DAT-03, T-AGT-07 | +| **ASI10** | Rogue Agents | Agenter som opererer utenfor mandat / shadow AI / scheming | T-AGT-06, T-AGT-07 | + +Trusler i biblioteket som har en agentrelevant ASI-mapping er merket med raden **OWASP Agentic** i sin tabell. + +--- + ## Kategori 6: Agent og autonomi (7 trusler) *Trusler spesifikke for AI-agenter med mulighet til å ta selvstendige handlinger, kalle verktøy og orkestrere andre agenter.* @@ -552,6 +576,7 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k | **Plattformrelevans** | Azure AI Foundry (agenter), Copilot Studio (actions), Power Automate (agentflows) | | **Microsoft-kontroll** | Minste privilegium for agent tool-tilgang, human-in-the-loop for irreversible actions, Azure AI Foundry agent execution policies, konfigurasjonskontroll for tillatte tool-kall | | **OWASP LLM** | LLM06:2025 — Excessive Agency | +| **OWASP Agentic** | ASI02:2026 — Tool Misuse & Exploitation, ASI03:2026 — Agent Identity & Privilege Abuse | | **MITRE ATLAS** | AML.T0051 | --- @@ -569,6 +594,7 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k | **Plattformrelevans** | Azure AI Foundry (multi-agent), Copilot Studio (agentorkestrering) | | **Microsoft-kontroll** | Agent identity-validering mellom noder, output-validering mellom agentlag, signert agent-til-agent-kommunikasjon (Entra Agent ID), input-sanitering i orchestratoragent | | **OWASP LLM** | LLM06:2025, LLM01:2025 | +| **OWASP Agentic** | ASI07:2026 — Insecure Inter-Agent Communication, ASI08:2026 — Cascading Agent Failures | | **MITRE ATLAS** | AML.T0051.001 | --- @@ -637,7 +663,8 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k | **Plattformrelevans** | Azure AI Foundry (agenter med verktøytilgang), Copilot Studio (autonome agenter), Power Automate (agentflows) | | **Microsoft-kontroll** | Agent sandbox med konfigurert timeout og maksimum iterasjoner, kill switch for umiddelbar terminering, overvåking av agent-atferd via Azure Monitor med alarmering på avvikende mønstre, minimal tool-scope (kun nødvendige verktøy) | | **OWASP LLM** | LLM06:2025 — Excessive Agency | -| **MITRE ATLAS** | AML.T0051 — LLM Agent Hijacking | +| **OWASP Agentic** | ASI10:2026 — Rogue Agents | +| **MITRE ATLAS** | AML.T0051 — LLM Prompt Injection | --- @@ -867,7 +894,7 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k | Egenskap | Verdi | |----------|-------| -| **Beskrivelse** | Personopplysninger overføres til tredjelands-servere (særlig USA) uten tilstrekkelig rettslig grunnlag etter GDPR Kapittel V. Schrems II-dommen satte Data Privacy Framework under press, og norsk Datatilsyn har vært klare på at EU Data Boundary er nødvendig for offentlig sektor. Mange AI-tjenester har som default databehandling utenfor EU/EØS. | +| **Beskrivelse** | Personopplysninger overføres til tredjelands-servere (særlig USA) uten tilstrekkelig rettslig grunnlag etter GDPR Kapittel V. EU-US Data Privacy Framework (adekvansbeslutning 2023/1795) ble opprettholdt da EU-Underretten (General Court) avviste søksmålet i Latombe v. Kommisjonen (sak T-553/23) den 3. september 2025 — DPF er dermed gyldig overføringsgrunnlag, men anke til EU-domstolen (ECJ) kan komme. For norsk offentlig sektor anbefales fortsatt EU Data Boundary som primært anker for å redusere tredjelandsoverføring. Mange AI-tjenester har som default databehandling utenfor EU/EØS. | | **Standard sannsynlighet** | 3/5 | | **Standard konsekvens** | 4/5 | | **Standard risikoscore** | 12 (Oransje) | diff --git a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md index 5e9a36e..fc7f4a8 100644 --- a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md +++ b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md @@ -1,6 +1,6 @@ # ROS-metodikk: NS 5814, ISO 31000 og AI-spesifikke rammeverk -**Sist oppdatert:** 2026-02 +**Sist oppdatert:** 2026-06-18 **Kategori:** Norwegian Public Sector AI Governance **Status:** Established Practice **Formål:** Detaljert metodikkguide for ros-analysis-agent — kobler AI-ROS til etablerte standarder og sikrer revisjonssporbarhet @@ -26,7 +26,7 @@ Alle agentgenererte ROS-rapporter i ms-ai-architect skal være sporbare til mins | NIST AI RMF | 1.0 (2023) | GOVERN–MAP–MEASURE–MANAGE funksjonsrammeverk | | DSB Veileder ROS | 2024 | Helhetlig ROS for kommuner og offentlige virksomheter | | Datatilsynet AI-veileder | 2023 | Personvernkonsekvenser av AI — DPIA-kobling | -| NSM Grunnprinsipper | 2.0 (2022) | IKT-sikkerhetsgrunnlag — tilgjengelighet, integritet, konfidensialitet | +| NSM Grunnprinsipper | 2.1 (31. mai 2024) | IKT-sikkerhetsgrunnlag — tilgjengelighet, integritet, konfidensialitet | --- diff --git a/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md b/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md index 6808deb..b2c8154 100644 --- a/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md +++ b/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md @@ -1,6 +1,6 @@ # GDPR Compliance for AI Systems - Data Privacy in Practice -**Last updated:** 2026-05 +**Last updated:** 2026-06-18 **Status:** GA **Category:** Responsible AI & Governance @@ -371,7 +371,7 @@ Norge implementerer GDPR gjennom personopplysningsloven. Datatilsynet er tilsyns **Databehandleravtaler**: Alle AI-tjenester som behandler personopplysninger krever signert databehandleravtale (DPA) mellom kunde (data controller) og Microsoft (data processor). Microsoft tilbyr standard DPA via [Microsoft Products and Services Data Protection Addendum](https://aka.ms/dpa). -**Dataresidency**: Statlige virksomheter foretrekker norske datasentre (Norway East, Norway West). For høy klassifisering (Fortrolig, Strengt Fortrolig) kan dataresidency være lovpålagt. Azure tilbyr EU Data Boundary-commitment som sikrer at data forblir i EU/EØS. +**Dataresidency**: Statlige virksomheter foretrekker norske datasentre (Norway East, Norway West). For høy klassifisering (Fortrolig, Strengt Fortrolig) kan dataresidency være lovpålagt. Microsoft **fullførte EU Data Boundary i februar 2025** (tredje og siste fase, annonsert 26. februar 2025): kundedata, pseudonymiserte personopplysninger og profesjonelle tjenestedata (support) for kjernetjenestene Microsoft 365, Dynamics 365, Power Platform og de fleste Azure-tjenester lagres og behandles nå innenfor EU og EFTA. EU Data Boundary er dermed et produksjonssatt anker (ikke lenger «commitment under utrulling») for å holde data i EU/EØS. **Skytjenester i offentlig sektor**: Bruk av skytjenester må vurderes mot Digitaliseringsdirektoratets veileder for risikostyring og Datatilsynets veileder om bruk av skytjenester. AI-systemer må gjennomgå DPIA før produksjonssetting. From 84e3cfaa0336c7775de6eb0072378a8443c5af75 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 12:45:21 +0200 Subject: [PATCH 006/309] =?UTF-8?q?fix(ms-ai-architect):=20re-baseline=20k?= =?UTF-8?q?ostnadslaget=20(GPT-5=20$1.25/$10,=20=C3=A9n=20prissannhet,=201?= =?UTF-8?q?0=20filer)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit-funn Tema B + action-items 149/150. Verifiseringen avdekket at kostnadslag-råten var bredere enn auditens 3 navngitte filer (10 filer totalt). - GPT-5 flagship $10-15/$40-60 -> $1.25/$10.00 (verifisert juni 2026, 8-12x for hoy). gpt-5-mini $0.25/$2.00, gpt-5-nano $0.05/$0.40. Fjernet falske "Verified MCP"-stempel pa estimat-band. - deterministic-cost-calculation-model.md gjort til ENESTE kanoniske prissannhet (§1.1). Strippet duplikat pris-tabell fra cost-models.md (rotarsak til GPT-4o $10/$30-motsetning) -> peker til registeret. - Reconcile-funn utover audit: deterministic hadde GPT-4.1-serien HALVERT ($1/$4 og $0.20/$0.80) -> verifisert $2.00/$8.00 og $0.40/$1.60. multi-model-strategy-costs.md NOK-tabell var fabrikkert 10-47x for hoy (gpt-4o 250/1000 NOK -> 26/105). model-selection (GPT-5 $3/$12), reasoning-models (GPT-5 $20-30/$80-100), token-counting (gpt-4.1 cached $1->$0.50), small-language-models (GPT-4o output 60->105 NOK) rettet. - Recalk alle NOK-scenarioer reproduserbart: gpt-5 ~= gpt-4.1 i kost (ikke 30-55x dyrere som gammel tekst pasto) - billigere input ($1.25 vs $2.00), dyrere output. Reell kostnadsdriver = resonnerings-tokens (fakturert som output). - Fjernet GPT-3.5 Turbo-anbefaling (utfaset). Alignet kurs 11->10.5 NOK/USD i cost-kommando. Cost-agent eksempel: legacy GPT-4 -> GPT-4o-mini, fjernet falskt Verified-stempel. - kb-update apply cost-bucket deferret til task #8 (kommando-feature, ikke tall-justering). Verifisert mot OpenAI API pricing + Azure OpenAI pricing via WebSearch 2026-06-18. validate-plugin.sh 219 PASS. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- agents/cost-estimation-agent.md | 2 +- commands/cost.md | 2 +- .../references/architecture/cost-models.md | 34 ++++--- .../reasoning-models-o1-o3-optimization.md | 21 ++-- .../deterministic-cost-calculation-model.md | 22 ++++- .../gpt5-gpt41-pricing-models.md | 99 ++++++++++--------- .../model-selection-price-performance.md | 19 ++-- .../multi-model-strategy-costs.md | 27 ++--- .../small-language-models-economics.md | 14 +-- .../token-counting-optimization.md | 9 +- 10 files changed, 140 insertions(+), 109 deletions(-) diff --git a/agents/cost-estimation-agent.md b/agents/cost-estimation-agent.md index 1fc5e50..7458e10 100644 --- a/agents/cost-estimation-agent.md +++ b/agents/cost-estimation-agent.md @@ -134,7 +134,7 @@ Brief description of what we're estimating. | Component | SKU/Tier | Quantity | Unit Price (NOK) | Monthly Cost (NOK) | Status | |-----------|----------|----------|------------------|-------------------|---------| -| Azure OpenAI GPT-4 | S0 | 1M tokens | 0.50/1K | 500 | ✅ Verified | +| Azure OpenAI GPT-4o-mini | Global Standard | per 1M tokens | $0.15/$0.60 (§1.1) | 500 | ✅ Verifisert | | AI Search | Standard S1 | 1 unit | 2 100 | 2 100 | ✅ Verified | | Storage | Standard LRS | 100 GB | 0.20/GB | 20 | ✅ Verified | | Copilot Studio | Capacity | 10 000 msgs | 200/1000 | 2 000 | ⚠️ Estimated | diff --git a/commands/cost.md b/commands/cost.md index 25df05e..06c57c4 100644 --- a/commands/cost.md +++ b/commands/cost.md @@ -88,7 +88,7 @@ Tilby: ## Retningslinjer -- ALLTID presenter i NOK (bruk kurs ~11 NOK/USD hvis nødvendig) +- ALLTID presenter i NOK (kanonisk kurs 10,50 NOK/USD, jf. `deterministic-cost-calculation-model.md` §5 — verifiser aktuell midtkurs) - ALLTID inkluder disclaimer om at priser endres - ALLTID skill mellom verifisert, baseline og estimert - ALDRI gi eksakte priser uten kildeangivelse diff --git a/skills/ms-ai-advisor/references/architecture/cost-models.md b/skills/ms-ai-advisor/references/architecture/cost-models.md index bf430c3..d402869 100644 --- a/skills/ms-ai-advisor/references/architecture/cost-models.md +++ b/skills/ms-ai-advisor/references/architecture/cost-models.md @@ -1,7 +1,8 @@ # Cost Models - Microsoft AI Platforms -**Last updated:** 2026-04 (research via microsoft-learn MCP) +**Last updated:** 2026-06 (token-pris-tabell strippet → kanonisk register; scenario-utregninger korrigert) **Disclaimer:** Prices change frequently. Always verify at azure.microsoft.com/pricing +**Prissannhet:** Rå token-priser eies av `deterministic-cost-calculation-model.md` §1.1 — ikke dupliser tabeller her. --- @@ -37,14 +38,20 @@ Microsoft AI-plattformene har ulike prismodeller tilpasset forskjellige bruksomr ### Modellpriser (per 1 million tokens) +> **Token-priser vedlikeholdes ÉN plass.** Det kanoniske enhetspris-registeret ligger i `deterministic-cost-calculation-model.md` §1.1 (skills/ms-ai-security/references/cost-optimization/). Denne fila dupliserer ikke pris-tabeller — duplikatet skapte tidligere motstridende tall (GPT-4o sto her som $10/$30, mens registeret korrekt har $2.50/$10). Bruk alltid det kanoniske registeret for rå input/output-priser; ved konflikt vinner registeret. + +**Hurtigankere (verifisert 2026-06 — kryssjekk alltid mot registeret):** + | Modell | Input | Output | Bruksområde | |--------|-------|--------|-------------| -| **GPT-4o** | $10 | $30 | Generell bruk, balanse kostnad/kvalitet | -| **GPT-4o-mini** | $0.165 | $0.66 | Kostnadseffektiv, enklere oppgaver | -| **GPT-4 Turbo** | $10 | $30 | Komplekse oppgaver, lengre kontekst | -| **GPT-3.5 Turbo** | $0.50 | $1.50 | Enkel chat, høy hastighet | -| **o1-preview** (reasoning) | $15 | $60 | Kompleks resonnering, analyse | -| **o1-mini** (reasoning) | $3 | $12 | Rimeligere resonnering | +| **GPT-4o** | $2.50 | $10.00 | Generell bruk, balanse kostnad/kvalitet | +| **GPT-4o-mini** | $0.15 | $0.60 | Kostnadseffektiv, enklere oppgaver | +| **GPT-4.1** | $2.00 | $8.00 | Høyt volum, 1M kontekst | +| **GPT-4.1-mini** | $0.40 | $1.60 | Default i Copilot Studio | +| **GPT-5** | $1.25 | $10.00 | Dyp resonnering (registreringskrav) | +| **GPT-5-mini** | $0.25 | $2.00 | Resonnering ved moderat volum | +| **GPT-5-nano** | $0.05 | $0.40 | Klassifisering, høyt volum | +| **o3-mini** (reasoning) | $1.10 | $4.40 | Rimeligere resonnering | **Vision-enabled models:** - Bilder: 85–1105 tokens per bilde (avhenger av oppløsning) @@ -247,7 +254,7 @@ Azure AI Foundry er en **orkestreringsplattform** som benytter flere Azure-tjene - Azure OpenAI (GPT-4o mini for sammendrag): - Input: ~1M tokens (200 tokens/side × 10 sider × 500 docs) - Output: ~100K tokens - - Kostnad: `(1M × $0.165/M) + (0.1M × $0.66/M) = $0.165 + $0.066 = $0.23` + - Kostnad: `(1M × $0.15/M) + (0.1M × $0.60/M) = $0.15 + $0.06 = $0.21` - Document Intelligence: - OCR: 5000 sider × basic meter ≈ $25–$50 - Storage/Compute: ~$10/måned @@ -285,10 +292,10 @@ Azure AI Foundry er en **orkestreringsplattform** som benytter flere Azure-tjene - Azure OpenAI (GPT-4o): - RAG input: 5M tokens/måned - Output: 1M tokens/måned - - Kostnad: `(5M × $10/M) + (1M × $30/M) = $50 + $30 = $80` + - Kostnad: `(5M × $2.50/M) + (1M × $10/M) = $12.50 + $10 = $22.50` - Compute (VM for hosting): ~$200/måned -**Månedskostnad: ~$385** +**Månedskostnad: ~$328** --- @@ -348,9 +355,9 @@ Azure AI Foundry er en **orkestreringsplattform** som benytter flere Azure-tjene ### Generelle strategier **1. Right-size modellvalg** -- Bruk GPT-4o-mini for enkle oppgaver → 94% billigere enn GPT-4o -- Bruk GPT-3.5 Turbo for chat → 85% billigere enn GPT-4o -- Bruk reasoning models (o1) kun for komplekse problemer +- Bruk GPT-4o-mini for enkle oppgaver → ~94% billigere enn GPT-4o +- Bruk GPT-4.1-nano / GPT-5-nano for klassifisering og tagging → billigste nivå +- Bruk reasoning-modeller (GPT-5, o3-mini) kun for komplekse problemer **2. Prompt engineering** - Kortere prompts = færre input tokens @@ -590,4 +597,5 @@ Azure AI Foundry er en **orkestreringsplattform** som benytter flere Azure-tjene - **2026-01:** Opprettet (basert på microsoft-learn MCP research) - **2026-04:** Oppdatert — agent flow enforcement, billing URL oppdatert (Verified MCP 2026-04) +- **2026-06:** Token-pris-tabell strippet (fjernet duplikat som ga GPT-4o $10/$30-motsetning mot deterministic-registeret); erstattet med hurtigankere + peker til kanonisk register. Scenario 2 og 4 utregninger korrigert til verifiserte priser. GPT-3.5 Turbo-anbefaling fjernet (utfaset). Reasoning-modell-referanse o1 → GPT-5/o3-mini. - **Disclaimer:** Priser endres hyppig; verifiser alltid via offisielle kilder før budsjettbeslutninger. diff --git a/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md b/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md index b4ca435..0b93594 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md @@ -397,17 +397,18 @@ Reasoning models prises med **separate satser** for reasoning tokens og completi **Eksempel (omtrentlige priser per 1M tokens):** -| Modell | Input Tokens | Reasoning Tokens | Output Tokens | Bruksområde | -|--------|--------------|------------------|---------------|-------------| -| `o1` | $15 | $60 | $60 | Balansert reasoning | -| `o3` | $10-20 | $60-80 | $60-80 | Standard reasoning | -| `o3-mini` | $1-3 | $15-25 | $15-25 | Kostnadseffektivt | -| `o4-mini` | $1-3 | $15-25 | $15-25 | Rask og billig | -| `gpt-5` | $20-30 | $80-100 | $80-100 | Premium reasoning | -| `gpt-5-mini` | $3-5 | $20-30 | $20-30 | Balansert premium | -| `codex-mini` | $1-3 | $15-25 | $15-25 | Kode-spesialist | +Reasoning-tokens faktureres til **output-raten** — de er ikke en egen prisklasse. Kolonnen «Reasoning Tokens» under viser derfor output-raten, og kostnaden skaleres med hvor mange reasoning-tokens modellen genererer. -**Merk:** Faktiske priser varierer basert på region, commitment og enterprise agreements. Reasoning tokens kan utgjøre 20-60% av total token count avhengig av effort-nivå. +| Modell | Input (per 1M) | Reasoning/Output (per 1M) | Bruksområde | Kilde | +|--------|----------------|---------------------------|-------------|-------| +| `gpt-5` | $1.25 | $10.00 | Premium reasoning | Verifisert juni 2026 | +| `gpt-5-mini` | $0.25 | $2.00 | Balansert | Verifisert juni 2026 | +| `gpt-5-nano` | $0.05 | $0.40 | Rask, billig reasoning | Verifisert juni 2026 | +| `o3-mini` | $1.10 | $4.40 | Kostnadseffektivt | Verifisert (register §1.1) | +| `o1` | $15.00 | $60.00 | Legacy, balansert | Legacy-rate | +| `o3` / `o4-mini` / `codex-mini` | verifiser | verifiser | Standard/rask reasoning | **Ikke re-verifisert — sjekk Azure prisside** | + +**Merk:** Kanonisk prissannhet er `deterministic-cost-calculation-model.md` §1.1. Reasoning-tokens kan utgjøre 20–60 % av total token-count avhengig av effort-nivå — det er den reelle kostnadsdriveren for resonneringsmodeller, ikke base-raten. ### Optimaliseringstips diff --git a/skills/ms-ai-security/references/cost-optimization/deterministic-cost-calculation-model.md b/skills/ms-ai-security/references/cost-optimization/deterministic-cost-calculation-model.md index 6b09d95..5cad750 100644 --- a/skills/ms-ai-security/references/cost-optimization/deterministic-cost-calculation-model.md +++ b/skills/ms-ai-security/references/cost-optimization/deterministic-cost-calculation-model.md @@ -1,8 +1,9 @@ # Deterministisk kostnadsberegningsmodell for AI-arkitekturvurderinger -**Sist oppdatert:** 2026-05 (v1.1) +**Sist oppdatert:** 2026-06 (v1.2) **Status:** GA **Category:** Cost Optimization & FinOps for AI +**Rolle:** Kanonisk prissannhet — eneste autoritative enhetspris-register for pluginen --- @@ -29,16 +30,27 @@ Modellen sikrer at: | Modell | Input (per 1M tokens) | Cached Input (per 1M tokens) | Output (per 1M tokens) | Kilde | Verifisert | |--------|----------------------|------------------------------|------------------------|-------|------------| -| **GPT-4o** | $2.50 | $1.25 | $10.00 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-02 | -| **GPT-4o-mini** | $0.15 | $0.075 | $0.60 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-02 | +| **GPT-5** | $1.25 | $0.125 | $10.00 | [OpenAI API pricing](https://developers.openai.com/api/docs/pricing/) / WebSearch | 2026-06 | +| **GPT-5-mini** | $0.25 | — | $2.00 | [OpenAI API pricing](https://developers.openai.com/api/docs/pricing/) | 2026-06 | +| **GPT-5-nano** | $0.05 | — | $0.40 | [OpenAI API pricing](https://developers.openai.com/api/docs/pricing/) / WebSearch | 2026-06 | +| **GPT-4o** | $2.50 | $1.25 | $10.00 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-06 | +| **GPT-4o-mini** | $0.15 | $0.075 | $0.60 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-06 | | **o3-mini** | $1.10 | $0.55 | $4.40 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-02 | -| **GPT-4.1** | $1.00 | — | $4.00 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-02 | -| **GPT-4.1-mini** | $0.20 | — | $0.80 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-02 | +| **GPT-4.1** | $2.00 | $0.50 | $8.00 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-06 | +| **GPT-4.1-mini** | $0.40 | $0.10 | $1.60 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) | 2026-06 | +| **GPT-4.1-nano** | $0.10 | $0.025 | $0.40 | [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) (interpolert) | 2026-06 | | **text-embedding-3-small** | $0.02 | — | — | [OpenAI Pricing](https://developers.openai.com/api/docs/pricing/) | 2026-02 | | **text-embedding-3-large** | $0.13 | — | — | [OpenAI Pricing](https://developers.openai.com/api/docs/pricing/) | 2026-02 | +**Denne tabellen er den kanoniske prissannheten for pluginen.** Alle andre KB-filer (inkl. `cost-models.md` og `gpt5-gpt41-pricing-models.md`) skal referere hit for rå token-priser, ikke duplisere egne tabeller. Ved konflikt vinner denne. + **Merknad:** Azure OpenAI-priser er typisk identiske med OpenAI API-priser for Global Standard deployment. Regional deployment og Data Zone deployment kan ha andre priser. Priser over er per 1 million tokens (1M), ikke per 1K. +**Merknader til enkeltrader (verifiseringsplikt):** +- **GPT-5-mini:** $0.25/$2.00 er OpenAIs publiserte listepris (lansering aug 2025). Enkelte pris-aggregatorer rapporterer en redusert rate ($0.125/$1.00) per 2026 — verifiser mot Azure prisside før formelt estimat. Det konservative tallet ($0.25/$2.00) brukes her for ikke å under-budsjettere. +- **GPT-4.1-serien:** Korrigert 2026-06 fra tidligere halverte verdier ($1.00/$4.00 og $0.20/$0.80) til verifisert listepris ($2.00/$8.00 og $0.40/$1.60). Kilde: Azure Content Understanding-priseksempler + WebSearch juni 2026. +- **Nyere GPT-5-generasjoner** (gpt-5.2 $1.75/$14, gpt-5.4 $2.50/$15, gpt-5.5 $5.00/$30) er verifisert juni 2026 men håndteres i modellkatalogen (`platforms/model-catalog-2026.md`), ikke her. Bruk dem kun når et use case eksplisitt krever den generasjonen. + ### 1.2 Azure AI Search — Månedlig per Search Unit (SU) | Tier | Pris per SU/måned (USD) | Lagring per partisjon | Maks SU | Kilde | Verifisert | diff --git a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md index 62aa14c..3d69b46 100644 --- a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md +++ b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md @@ -1,8 +1,9 @@ # GPT-5 og GPT-4.1: Prismodeller og kostnadsoptimalisering -**Last updated:** 2026-05 | Verified: MCP 2026-05 +**Last updated:** 2026-06 | Priser verifisert: WebSearch + OpenAI/Azure pricing juni 2026 **Status:** GA (GPT-4.1-serien), GA (GPT-5-serien — `gpt-5` og `gpt-5-codex` har registreringskrav). GPT-5.2 reasoning og GPT-5.3 chat lagt til i Copilot Studio-prompt-builder **Category:** Cost Optimization & FinOps for AI +**Prissannhet:** Rå token-priser eies av `deterministic-cost-calculation-model.md` §1.1 (kanonisk register). Denne fila gir kontekst, scenarioer og rådgivning — ved tallkonflikt vinner registeret. --- @@ -10,16 +11,16 @@ GPT-5- og GPT-4.1-seriene er de to nyeste flaggskipmodellene fra OpenAI tilgjengelig i Azure AI Foundry. De representerer to distinkte designfilosofier: GPT-5 optimalisert for dyp resonnering og komplekse oppgaver, GPT-4.1 optimalisert for hastighet, gjennomstrømming og kostnadseffektivitet. -**Confidence:** Høy (basert på offisiell Microsoft-dokumentasjon, februar 2026) +**Confidence:** Høy (GPT-4.1- og GPT-5-priser verifisert juni 2026 via WebSearch + OpenAI/Azure pricing) Denne referansen dekker: -- Bekreftet og estimert prising per 1M tokens (USD og NOK) +- Bekreftet prising per 1M tokens (USD og NOK) - Deployment-typer og deres kostnadsimplikasjon - Sammenligningstabeller (GPT-4o vs. GPT-4.1 vs. GPT-5) - Copilot Credits-klassifisering per modell - Optimaliserings­strategier og beslutningsveiledning -**Viktig merknad om priser:** Azure prisside (azure.microsoft.com/pricing) benytter JavaScript-rendering og returnerer tomme verdier ved programmatisk henting. Bekreftede priser er hentet fra Microsoft Learn-dokumentasjon og Content Understanding-eksempler. GPT-5-priser er ikke offentlig tilgjengelig som faste tall per februar 2026 — estimater er basert på offentliggjorte ratioer og prishistorikk. +**Viktig merknad om priser:** Azure prisside (azure.microsoft.com/pricing) benytter JavaScript-rendering og returnerer tomme verdier ved programmatisk henting. Priser her er hentet fra Microsoft Learn-dokumentasjon, Content Understanding-eksempler og WebSearch mot OpenAI/Azure pricing (juni 2026). GPT-5-flagshipprisen ($1.25/$10.00) er nå publisert og verifisert — det tidligere estimat-båndet ($10–15/$40–60) var 8–12x for høyt og er fjernet. --- @@ -50,21 +51,20 @@ Denne referansen dekker: --- -### 2. GPT-5-serien — Estimert prising +### 2. GPT-5-serien — Bekreftet prising -**Merk:** GPT-5-priser er ikke publisert som faste tall per februar 2026 (Azure prisside viser `$-`). Estimatene nedenfor er basert på: -1. Dokumentert PTU-ratio: 1 output token = 8 input tokens (kilde: offisiell PTU-dokumentasjon) -2. Offentlig OpenAI API-prising (openai.com/api/pricing) ved lansering august 2025 -3. Prishistorikk og modellfamilieposisjonering +**Verifisert juni 2026** (WebSearch mot OpenAI API pricing + Azure OpenAI pricing). Flagship-tallet $1.25/$10.00 er bekreftet av to uavhengige kilder. PTU-ratioen (1 output ≈ 8 input) er konsistent med prisforholdet ($10.00 / $1.25 = 8). | Modell | Input (per 1M tokens) | Output (per 1M tokens) | Confidence | Merknader | |--------|-----------------------|------------------------|------------|-----------| -| `gpt-5` (Global) | ~$10–15 | ~$40–60 | Lav–Moderat | 1:8 output/input-ratio bekreftet. Absolutt pris ikke publisert i Azure | -| `gpt-5-mini` (Global) | ~$1.50–3 | ~$6–12 | Lav–Moderat | Estimert. ~5–10x billigere enn gpt-5 basert på modellfamiliemønster | -| `gpt-5-nano` (Global) | ~$0.10–0.30 | ~$0.40–1.20 | Lav | Tilsvarer gpt-4.1-nano-prisnivå. Estimert | -| `gpt-5-chat` (Global) | ~$1.50–3 | ~$6–12 | Lav | Preview. Tilsvarer gpt-5-mini. Standard rate i Copilot Credits | +| `gpt-5` (Global) | **$1.25** | **$10.00** | Høy | Cached input $0.125. Registreringskrav | +| `gpt-5-mini` (Global) | **$0.25** | **$2.00** | Moderat | OpenAI listepris (lansering); aggregatorer rapporterer redusert $0.125/$1.00 (2026) — verifiser | +| `gpt-5-nano` (Global) | **$0.05** | **$0.40** | Høy | Billigste GPT-5-nivå | +| `gpt-5-chat` (Global) | ~$1.25 | ~$10.00 | Moderat | Preview (non-reasoning). Følger gpt-5-flagship-rate. Standard rate i Copilot Credits — verifiser | -**OBLIGATORISK:** Verifiser alltid GPT-5-priser på [offisiell Azure OpenAI prisside](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) eller Azure Pricing Calculator før budsjettering. +> **Nyere generasjoner (verifisert juni 2026, håndteres i modellkatalogen):** gpt-5.2 $1.75/$14 · gpt-5.4 $2.50/$15 (mini $0.75/$4.50, nano $0.20/$1.25) · gpt-5.5 $5.00/$30 (cached $0.50). Se `platforms/model-catalog-2026.md`. OpenAIs prisside viser nå 5.4/5.5 som gjeldende flagship-generasjon; `gpt-5` (1.x-generasjonen) er fortsatt tilgjengelig i Azure med prisene over. + +**OBLIGATORISK:** Token-priser endres. Kryssjekk det kanoniske registeret (`deterministic-cost-calculation-model.md` §1.1) og [Azure OpenAI prisside](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) før budsjettering. **Tilgjengelighetsbegrensning:** - `gpt-5` og `gpt-5-codex`: Krever registrering og godkjenning (begrenset tilgang) @@ -122,9 +122,9 @@ Denne referansen dekker: | `gpt-4.1-mini` | $0.40 | $1.60 | Høy | 1M (128K PTU) | Lav–Moderat | Lav | | `gpt-4o` | ~$2.50 | ~$10.00 | Høy | 128K | Moderat | Moderat | | `gpt-4.1` | $2.00 | $8.00 | Høy | 1M (128K PTU) | Moderat | Lav–Moderat | -| `gpt-5-nano` | ~$0.10–0.30 | ~$0.40–1.20 | Lav (estimert) | 400K | Moderat (resonnering) | Lav | -| `gpt-5-mini` | ~$1.50–3.00 | ~$6.00–12.00 | Lav (estimert) | 400K | Høy (resonnering) | Moderat | -| `gpt-5` | ~$10–15 | ~$40–60 | Lav (estimert) | 400K | Svært høy (resonnering) | Høy | +| `gpt-5-nano` | $0.05 | $0.40 | Høy | 400K | Moderat (resonnering) | Lav | +| `gpt-5-mini` | $0.25 | $2.00 | Moderat | 400K | Høy (resonnering) | Moderat | +| `gpt-5` | $1.25 | $10.00 | Høy | 400K | Svært høy (resonnering) | Høy | #### 5b. Relativ kostnad per 1 000 forespørsler (200 input + 100 output tokens) @@ -132,11 +132,11 @@ Denne referansen dekker: |--------|--------------|--------------------------|----------------------| | `gpt-4.1-nano` | $0.06 | ~0.63 NOK | 95% billigere | | `gpt-4.1-mini` | $0.24 | ~2.52 NOK | 80% billigere | +| `gpt-5-mini` | $0.25 | ~2.63 NOK | 79% billigere | | `gpt-4.1` | $1.20 | ~12.60 NOK | Referanse | -| `gpt-5-mini` (estimert midtpunkt) | ~$0.90–1.80 | ~9–19 NOK | ~50% dyrere (estimert) | -| `gpt-5` (estimert midtpunkt) | ~$6–9 | ~63–95 NOK | ~7x dyrere (estimert) | +| `gpt-5` | $1.25 | ~13.13 NOK | ~4% dyrere (≈ paritet med gpt-4.1) | -**Confidence:** Høy for gpt-4.1-serien. Lav for gpt-5-serien (estimerte priser). +**Confidence:** Høy (alle priser verifisert juni 2026). Merk: for denne output-tunge miksen er `gpt-5` ≈ `gpt-4.1` i kost — gpt-5 har billigere input ($1.25 vs $2.00) men dyrere output ($10.00 vs $8.00). Kostnadsdriveren for gpt-5 er resonnerings-tokens (faktureres som output), ikke base-raten. --- @@ -152,26 +152,31 @@ Denne referansen dekker: |--------|---------|---------|------------| | `gpt-4.1-nano` | ~$5.50 | ~58 NOK | Enkel FAQ, høyt volum | | `gpt-4.1-mini` | ~$22 | ~231 NOK | Standard chatbot | +| `gpt-5-mini` | ~$24 | ~249 NOK | Resonnering ved moderat volum | | `gpt-4.1` | ~$110 | ~1 155 NOK | Kompleks kundesupport | -| `gpt-5-mini` (est.) | ~$70–140 | ~735–1 470 NOK | Kun om resonnering er kritisk | +| `gpt-5` | ~$119 | ~1 247 NOK | Dyp resonnering; ≈ gpt-4.1-kost | **Scenario B: Dokumentanalysepipeline (10 000 dokumenter/mnd, 2 000 input + 500 output tokens)** | Modell | USD/mnd | NOK/mnd | Anbefaling | |--------|---------|---------|------------| -| `gpt-4.1-mini` | ~$88 | ~924 NOK | Standardanalyse | -| `gpt-4.1` | ~$440 | ~4 620 NOK | Juridisk/finansiell analyse | -| `gpt-5` (est.) | ~$2 750–4 100 | ~28 875–43 050 NOK | Kun om deep reasoning er nødvendig | +| `gpt-5-mini` | ~$15 | ~158 NOK | Resonnering, ≈ gpt-4.1-mini-kost | +| `gpt-4.1-mini` | ~$16 | ~168 NOK | Standardanalyse | +| `gpt-5` | ~$75 | ~788 NOK | Dyp resonnering — billigere input enn gpt-4.1 | +| `gpt-4.1` | ~$80 | ~840 NOK | Juridisk/finansiell analyse | + +**Merk:** Ved denne input-tunge miksen (4:1 input/output) er `gpt-5` (~$75) faktisk litt billigere enn `gpt-4.1` (~$80) — gpt-5 input ($1.25) er rimeligere enn gpt-4.1 ($2.00). Den gamle påstanden «gpt-5 koster ~$2 750–4 100/mnd» var basert på det feilaktige estimat-båndet ($10–15/$40–60) og er fjernet. **Scenario C: Batch-prosessering (50% rabatt, 500 000 forespørsler/mnd, 200 input + 50 output tokens)** | Modell | USD/mnd (batch) | NOK/mnd | Merknad | |--------|----------------|---------|---------| -| `gpt-4.1-nano` | ~$7.00 | ~74 NOK | Klassifisering, tagging | -| `gpt-4.1-mini` | ~$28 | ~294 NOK | Sammendrag, analyse | -| `gpt-4.1` | ~$140 | ~1 470 NOK | Kompleks batch | +| `gpt-5-nano` | ~$7.50 | ~79 NOK | Billigste resonnering, klassifisering | +| `gpt-4.1-nano` | ~$10 | ~105 NOK | Klassifisering, tagging | +| `gpt-4.1-mini` | ~$40 | ~420 NOK | Sammendrag, analyse | +| `gpt-4.1` | ~$200 | ~2 100 NOK | Kompleks batch | -**Confidence:** Moderat (beregnet fra bekreftede GPT-4.1-priser. NOK-konvertering varierer med valutakurs). +**Confidence:** Høy (alle priser verifisert juni 2026; NOK ved kurs 10.5 — varierer med valutakurs). Alle tall er reproduserbare: USD/mnd = (input_tokens/1M × input_pris) + (output_tokens/1M × output_pris), × 0.5 ved batch. --- @@ -335,13 +340,13 @@ Krever oppgaven dyp, flertrinns resonnering? |----------|-----------------|------------------------------------------| | Enkel FAQ-bot | gpt-4.1-nano | ~58 NOK | | Kundestøtte chatbot | gpt-4.1-mini + Model Router | ~231 NOK | -| Juridisk dokumentanalyse | gpt-4.1 eller gpt-5 (high) | ~1 155–8 000+ NOK | -| Kode-assistent | gpt-5-mini (medium reasoning) | Estimert ~700–1 500 NOK | +| Juridisk dokumentanalyse | gpt-4.1 eller gpt-5 (high) | ~1 155–1 250 NOK base (+ resonnerings-tokens ved high) | +| Kode-assistent | gpt-5-mini (medium reasoning) | ~250 NOK base (+ resonnerings-tokens) | | Nattlig rapport (batch) | gpt-4.1-mini (batch) | ~116 NOK (50% rabatt) | | Enterprise Copilot (Copilot Studio) | gpt-4.1 (Standard Credits) | Innenfor inkluderte Credits | | RAG Q&A (norsk offentlig sektor) | gpt-4.1-mini + caching | ~116–231 NOK | -**Confidence:** Moderat (NOK-estimater basert på illustrative priser. GPT-5-scenarioer er estimert) +**Confidence:** Høy for base-token-kost (priser verifisert juni 2026). Resonnerings-modeller (gpt-5 *-reasoning*) genererer interne resonnerings-tokens som faktureres som output — faktisk kost ved `high` reasoning kan være vesentlig høyere enn base. Mål på reelt forbruk før budsjettering. ### Valg av deployment-type @@ -479,8 +484,8 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable - Default: Start med gpt-4.1-mini. Oppgrader kun ved bevist behov. **3. Estimer kostnad:** -- Bekreftede priser: gpt-4.1-serien -- Estimerte priser: gpt-5-serien (marker alltid som estimat) +- Verifiserte priser (juni 2026): både gpt-4.1- og gpt-5-serien — bruk det kanoniske registeret (`deterministic-cost-calculation-model.md` §1.1) +- Husk: gpt-5 *-reasoning*-modeller fakturerer interne resonnerings-tokens som output — mål reelt forbruk - Konverter til NOK (10.5 NOK/USD veiledende) - Inkluder deployment-type-premie for Norway East @@ -493,17 +498,17 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable | Situasjon | Marker | |-----------|--------| | GPT-4.1-priser | "Bekreftet $2.00/$8.00 per 1M tokens (input/output)" | -| GPT-5-priser | "Estimert ~$10–15/$40–60 per 1M tokens — verifiser på prisside" | +| GPT-5-priser | "Bekreftet $1.25/$10.00 per 1M tokens (verifisert juni 2026) — kryssjekk Azure prisside" | | NOK-konvertering | "Indikativt ved kurs 10.5 NOK/USD — verifiser aktuell kurs" | | Copilot Credits | "Bekreftet Basic/Standard/Premium-klassifisering per modell" | ### Vanlige spørsmål og svar **Q: "Er GPT-5 alltid bedre enn GPT-4.1?"** -**A:** Nei. GPT-5 er bedre for dyp resonnering. For sanntids-chatbots, høyvolum-RAG og enkle oppgaver er GPT-4.1 raskere, billigere og tilstrekkelig god. Start med GPT-4.1. +**A:** Nei. GPT-5 er bedre for dyp resonnering. For sanntids-chatbots, høyvolum-RAG og enkle oppgaver er GPT-4.1 raskere og tilstrekkelig god. Merk at base-token-kosten nå er omtrent lik (gpt-5 $1.25/$10.00 vs gpt-4.1 $2.00/$8.00) — det reelle skillet er latens og at gpt-5 *-reasoning* genererer ekstra resonnerings-tokens (fakturert som output). Start med GPT-4.1 for enkle oppgaver; velg GPT-5 når resonnering faktisk trengs. **Q: "Hva koster GPT-5 i Norge?"** -**A:** Priser er ikke offentlig tilgjengelig per februar 2026. Basert på PTU-dokumentasjon (1:8 ratio) og OpenAI API-annonsering er det estimert ~$10–15 per 1M input-tokens. Verifiser alltid på Azure prisside eller kontakt Microsoft. +**A:** gpt-5 flagship koster $1.25 per 1M input-tokens og $10.00 per 1M output-tokens (Global Standard, verifisert juni 2026). Cached input $0.125. Norway East Regional legger typisk ~10–20% på toppen. gpt-5-mini $0.25/$2.00, gpt-5-nano $0.05/$0.40. Kryssjekk alltid Azure prisside for din region og deployment-type. **Q: "Skal vi bruke gpt-4.1-mini eller gpt-4.1 i Copilot Studio?"** **A:** Start med gpt-4.1-mini (Basic rate, laveste Credits-forbruk). Bytt til gpt-4.1 kun for oppgaver som krever mer kompleks resonnering eller høyere kvalitet — test og mål først. @@ -518,9 +523,9 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable | Fallgruve | Konsekvens | Hvordan unngå | |-----------|------------|---------------| -| Bruke GPT-5 for enkle chatbot-svar | 5–20x høyere kostnad enn nødvendig | Start alltid med GPT-4.1-mini. Oppgrader kun ved bevist behov | +| Bruke gpt-5 *-reasoning* med `high` for enkle svar | Resonnerings-tokens (fakturert som output) kan mangedoble kosten | Start med gpt-4.1-mini/gpt-5-nano; bruk lav reasoning_effort der det holder | | Ikke skille mellom Global og Regional prising | 10–20% budsjett-avvik | Inkluder alltid deployment-type-premie i estimater for norsk sektor | -| Oppgi GPT-5-priser som bekreftet | Budsjett-overskridelse eller undervurdering | Marker alltid GPT-5-priser som estimert | +| Bruke utdaterte GPT-5-estimat-bånd ($10–15/$40–60) | 8–12x over-budsjettering | Bruk verifiserte priser ($1.25/$10.00) fra det kanoniske registeret | | Glemme Batch API-rabatt for natt-jobber | 2x høyere kostnad enn nødvendig | Vurder Batch API for alle ikke-sanntids workloads | | Ikke monitorere Copilot Credits-forbruk | Uventet faktura ved GPT-5/o3-bruk | Sett Credits-budsjetter i Power Platform admin center | @@ -594,21 +599,23 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable | gpt-4.1 Copilot: Standard rate | Kilde 6 | Høy | | gpt-5-reasoning Copilot: Premium rate | Kilde 6 | Høy | | Batch API: 50% rabatt | Kilde 1/Azure prisside | Høy | -| GPT-5 absolutte tokenpriser | Ikke bekreftet (Azure prisside $-) | Lav | +| gpt-5: $1.25 input / $10.00 output per 1M | WebSearch + OpenAI/Azure pricing (juni 2026) | Høy | +| gpt-5-nano: $0.05 / $0.40 per 1M | WebSearch (to kilder, juni 2026) | Høy | +| gpt-5-mini: $0.25 / $2.00 per 1M | OpenAI listepris; aggregatorer $0.125/$1.00 | Moderat | | gpt-4.1-nano prising | Ikke direkte bekreftet, interpolert | Moderat | -**Totalt antall kilder:** 10 (8 primære Microsoft Learn, 2 pricing-referanser) -**MCP-kall brukt:** 5 (4x docs_search, 1x docs_fetch — model-choice-guide) +**Totalt antall kilder:** 10 Microsoft Learn + WebSearch mot OpenAI API pricing & Azure OpenAI pricing (juni 2026) +**Verifiseringsmetode:** docs_search/docs_fetch (2026-02 baseline) + WebSearch-reverifisering av token-priser (2026-06) ### Siste oppdatering og gyldighet -**Dokumentasjonsdato:** Februar 2026 -**Bekreftede priser gyldige per:** Februar 2026 (GPT-4.1-serien) -**Estimerte priser:** GPT-5-serien — verifiser på offisiell prisside -**Neste review anbefalt:** Mai 2026 (GPT-5-priser forventes publisert; sjekk kvartalsvis) +**Dokumentasjonsdato:** Juni 2026 (token-priser re-baselined) +**Bekreftede priser gyldige per:** Juni 2026 (GPT-4.1-serien og GPT-5-serien) +**Kanonisk prissannhet:** `deterministic-cost-calculation-model.md` §1.1 — denne fila skal følge registeret +**Neste review anbefalt:** September 2026 (sjekk kvartalsvis; modellkatalogen 5.4/5.5 utvikler seg raskt) --- **Dokumenteier:** Cosmo Skyberg, Microsoft AI Solution Architect **Godkjent for:** Offentlig sektor Norge, Enterprise Azure-kunder -**Versjon:** 1.0 +**Versjon:** 1.1 (token-priser verifisert juni 2026) diff --git a/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md b/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md index a978ef0..50f4003 100644 --- a/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md +++ b/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md @@ -49,11 +49,12 @@ Azure OpenAI-tjenester prises per 1 000 tokens (1K) eller 1 million tokens (1M), - Input: ~$2.00 per 1M tokens - Output: ~$8.00 per 1M tokens -**GPT-5 (eksempel):** -- Input: ~$3.00 per 1M tokens (varierer med reasoning-nivå) -- Output: ~$12.00 per 1M tokens +**GPT-5 (verifisert juni 2026):** +- Input: $1.25 per 1M tokens (cached $0.125) +- Output: $10.00 per 1M tokens +- Merk: resonnerings-tokens faktureres som output — `high` reasoning_effort kan øke effektiv kost vesentlig -**Viktig:** Priser er illustrative. Sjekk alltid [offisiell prisside](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) for eksakte satser per region og modellversjon. +**Viktig:** Rå token-priser eies av det kanoniske registeret (`deterministic-cost-calculation-model.md` §1.1). Sjekk alltid [offisiell prisside](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) for eksakte satser per region og modellversjon. **Confidence:** Moderat (priseksempler fra dokumentasjon, men priser kan variere) @@ -113,11 +114,11 @@ Fine-tunede modeller har tre kostnadsdimensjoner: **Konsept:** Kaskaderende modellvalg basert på oppgavetype: -| Tier | Modell | Bruksområde | Kostnad/1M tokens (illustrativt) | -|------|--------|-------------|----------------------------------| -| **Tier 1** | GPT-4.1-nano | Enkel triage, klassifisering, korte svar | ~$0.50 input, ~$2.00 output | -| **Tier 2** | GPT-4.1-mini | Moderat kompleksitet, standarddrafting | ~$1.00 input, ~$4.00 output | -| **Tier 3** | GPT-4.1 / GPT-5-mini | Kompleks analyse, resonnering | ~$2.00-3.00 input, ~$8.00-12.00 output | +| Tier | Modell | Bruksområde | Kostnad/1M tokens (verifisert juni 2026) | +|------|--------|-------------|------------------------------------------| +| **Tier 1** | GPT-4.1-nano | Enkel triage, klassifisering, korte svar | $0.10 input, $0.40 output | +| **Tier 2** | GPT-4.1-mini | Moderat kompleksitet, standarddrafting | $0.40 input, $1.60 output | +| **Tier 3** | GPT-4.1 / GPT-5-mini | Kompleks analyse, resonnering | GPT-4.1 $2.00/$8.00 · GPT-5-mini $0.25/$2.00 | **Implementering:** ```python diff --git a/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md b/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md index fcadc11..aa504d9 100644 --- a/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md +++ b/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md @@ -471,21 +471,22 @@ az consumption usage list --start-date 2026-02-01 --end-date 2026-02-28 \ ### Prissammenligning mellom modeller -**Standard Deployment (Pay-as-you-go, NOK per 1M tokens, estimert 2026 rates):** +**Standard Deployment (Pay-as-you-go, verifisert juni 2026, USD + NOK ved kurs 10.5):** -| Model | Input (NOK/1M tokens) | Output (NOK/1M tokens) | Ratio (Output:Input) | -|-------|-----------------------|------------------------|----------------------| -| gpt-4.1-nano | ~50 | ~200 | 4:1 | -| gpt-4.1-mini | ~150 | ~600 | 4:1 | -| gpt-4.1 | ~300 | ~1200 | 4:1 | -| gpt-5-mini | ~100 | ~400 | 4:1 | -| gpt-5 | ~500 | ~2000 | 4:1 | -| gpt-5-chat | ~250 | ~1000 | 4:1 | -| o4-mini | ~350 | ~1400 | 4:1 | -| gpt-4o | ~250 | ~1000 | 4:1 | -| gpt-4o-mini | ~75 | ~300 | 4:1 | +| Model | Input USD/1M | Output USD/1M | Input NOK/1M | Output NOK/1M | Ratio (Out:In) | +|-------|--------------|---------------|--------------|---------------|----------------| +| gpt-4.1-nano | $0.10 | $0.40 | ~1 | ~4 | 4:1 | +| gpt-4.1-mini | $0.40 | $1.60 | ~4 | ~17 | 4:1 | +| gpt-4.1 | $2.00 | $8.00 | ~21 | ~84 | 4:1 | +| gpt-5-nano | $0.05 | $0.40 | ~1 | ~4 | 8:1 | +| gpt-5-mini | $0.25 | $2.00 | ~3 | ~21 | 8:1 | +| gpt-5 | $1.25 | $10.00 | ~13 | ~105 | 8:1 | +| gpt-5-chat | ~$1.25 | ~$10.00 | ~13 | ~105 | 8:1 | +| o4-mini | $1.10 | $4.40 | ~12 | ~46 | 4:1 | +| gpt-4o | $2.50 | $10.00 | ~26 | ~105 | 4:1 | +| gpt-4o-mini | $0.15 | $0.60 | ~2 | ~6 | 4:1 | -*(Priser er estimater basert på USD-pricing + valutakurs. Verifiser [Azure Pricing Calculator](https://azure.microsoft.com/pricing/calculator) for eksakte NOK-priser.)* +*(Kanonisk prissannhet: `deterministic-cost-calculation-model.md` §1.1. NOK = USD × 10.5 — verifiser [Azure Pricing Calculator](https://azure.microsoft.com/pricing/calculator) for eksakt kurs/region. Den forrige NOK-tabellen her var fabrikkert og 10–47x for høy.)* **Provisioned Throughput (PTU, NOK per PTU/hr, estimert):** diff --git a/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md b/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md index f23207b..c33927f 100644 --- a/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md +++ b/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md @@ -433,16 +433,16 @@ az webapp create --name webapp-slm-phi4 --resource-group rg-slm-norway --plan pl ## Kostnad og lisensiering -### Prissammenligning: SLM vs LLM (Azure AI Foundry, februar 2026) +### Prissammenligning: SLM vs LLM (token-priser verifisert juni 2026, NOK ved kurs 10,5) -| Modell | Type | Pris (Input) | Pris (Output) | Eksempel (1M tokens) | -|--------|------|--------------|---------------|----------------------| +| Modell | Type | Pris (Input) | Pris (Output) | Eksempel (1M+1M tokens) | +|--------|------|--------------|---------------|-------------------------| | **Phi-4-mini** | SLM | 0,10 NOK / 1M tokens | 0,30 NOK / 1M tokens | 0,40 NOK | -| **GPT-4o-mini** | Small LLM | 1,50 NOK / 1M tokens | 6,00 NOK / 1M tokens | 7,50 NOK | -| **GPT-4o** | LLM | 30,00 NOK / 1M tokens | 60,00 NOK / 1M tokens | 90,00 NOK | -| **GPT-4** | LLM | 150,00 NOK / 1M tokens | 300,00 NOK / 1M tokens | 450,00 NOK | +| **GPT-4o-mini** | Small LLM | 1,58 NOK / 1M tokens | 6,30 NOK / 1M tokens | 7,88 NOK | +| **GPT-4o** | LLM | 26,25 NOK / 1M tokens | 105,00 NOK / 1M tokens | 131,25 NOK | +| **GPT-4** (utfaset, illustrativt) | LLM | ~105 NOK / 1M tokens | ~315 NOK / 1M tokens | ~420 NOK | -**Besparelse:** Phi-4-mini er **225x billigere** enn GPT-4 og **19x billigere** enn GPT-4o-mini. +**Besparelse:** Phi-4-mini er ~**20x billigere** enn GPT-4o-mini og ~**330x billigere** enn GPT-4o (frontier LLM) på ren token-kost. (GPT-4o/4o-mini verifisert juni 2026; GPT-4 er utfaset og oppgis kun illustrativt. Kanonisk prissannhet: `deterministic-cost-calculation-model.md` §1.1.) --- diff --git a/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md b/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md index c4e1a03..38e8df4 100644 --- a/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md +++ b/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md @@ -455,17 +455,18 @@ Image tokens (high-res) = (# tiles × 170) + 85 ## Kostnad og lisensiering -### Azure OpenAI Pricing (Eksempler, februar 2026) +### Azure OpenAI Pricing (verifisert juni 2026) | Modell | Input (per 1M tokens) | Cached Input | Output (per 1M tokens) | Context Window | |--------|-----------------------|--------------|------------------------|----------------| +| **gpt-5** | $1.25 | $0.125 | $10.00 | 400K | +| **gpt-5-mini** | $0.25 | — | $2.00 | 400K | | **gpt-4o** | $2.50 | $1.25 | $10.00 | 128K | | **gpt-4o-mini** | $0.15 | $0.075 | $0.60 | 128K | -| **o1** | $15.00 | $7.50 | $60.00 | 200K | | **o3-mini** | $1.10 | $0.55 | $4.40 | 200K | -| **gpt-4.1** | $2.00 | $1.00 | $8.00 | 128K | +| **gpt-4.1** | $2.00 | $0.50 | $8.00 | 128K | -**Merk:** Priser er illustrative. Sjekk alltid [offisiell pricing page](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/). +**Merk:** Kanonisk prissannhet er `deterministic-cost-calculation-model.md` §1.1. Sjekk alltid [offisiell pricing page](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) for din region. ### Fine-Tuning Costs From dd1036ab8addb223a5df49e3ee49c738023af5dc Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 13:37:06 +0200 Subject: [PATCH 007/309] =?UTF-8?q?fix(ms-ai-architect):=20Foundry=20URL-n?= =?UTF-8?q?avnerom-migrering=20(ai-foundry=20=E2=86=92=20foundry/foundry-c?= =?UTF-8?q?lassic,=20141=20filer)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Task #5 del 1/3 (URL-migrering). Verifiseringen motbeviste STATE.md-premisset om ren prefix-swap: rebrand er per-URL, ikke mekanisk. En blind sed ai-foundry→foundry ville lagd 56 nye 404-er (classic-stiene finnes ikke under nytt foundry/-prefiks — bekreftet empirisk). Metode: resolverte alle 237 unike KB-URLer mot live redirects (curl -L), bygde full-URL→full-URL-mapping fra faktisk url_effective. Bevarer locale-form, query (?view=) og #fragment per lenke. - 231 navnerom-erstatninger over 141 filer (408 forekomster): - 161 → azure/foundry/ (98 ren prefix-swap + 10 sti-reorg + reorg-tilfeller) - 69 → azure/foundry-classic/ (eldre hub-spor: assistants, hub-DR, on-your-data; faktisk redirect-mål per operatorvalg) - 1 → azure/foundry-local/ - 2 døde lenker (404) fikset til verifiserte mål: - agent-service → azure/foundry/agents/overview - concepts/evaluation-evaluators/ → azure/foundry/how-to/evaluate-generative-ai-app - 5 path-/display-referanser (uten https://, i backticks/lenketekst) rettet manuelt. - 6 slug-baserte ai-foundry-treff urørt (scope-grense): managed-grafana-dashboard, security-baseline, power-platform prompt-builder, architecture baseline-chat (sistnevnte slug-rebrand i annet navnerom — mulig fremtidig funn). - Parkert til task #5 del 2/3: Norway East GPT-5-datasuverenitet-fiks + modellkatalog-utvidelse (5.3/5.4/5.5, gpt-oss, sora-2). Verifisert: 0 gjenværende azure/ai-foundry/-navnerom i skills/. validate-plugin.sh 219 PASS. test-kb-integrity.sh 117/117 passed. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../references/architecture/cost-models.md | 2 +- .../architecture/migration-patterns.md | 2 +- .../references/architecture/poc-template.md | 2 +- .../regional-availability-verification.md | 4 ++-- .../copilot-api-rate-limiting-resilience.md | 10 ++++---- .../copilot-context-window-optimization.md | 6 ++--- .../references/development/agent-framework.md | 2 +- .../references/platforms/azure-ai-foundry.md | 24 +++++++++---------- .../platforms/model-catalog-2026.md | 18 +++++++------- .../adversarial-prompting-and-jailbreaks.md | 4 ++-- .../chain-of-thought-prompting.md | 12 +++++----- .../domain-specific-prompt-optimization.md | 8 +++---- .../error-handling-and-fallback-prompting.md | 6 ++--- .../few-shot-learning-techniques.md | 8 +++---- .../function-calling-and-tool-use.md | 12 +++++----- .../grounding-and-knowledge-injection.md | 6 ++--- .../multi-turn-conversation-management.md | 12 +++++----- .../multimodal-prompt-design.md | 4 ++-- .../prompt-testing-and-evaluation.md | 10 ++++---- .../real-time-reasoning-performance.md | 6 ++--- .../reasoning-models-o1-o3-optimization.md | 8 +++---- .../regulatory-and-compliance-prompting.md | 4 ++-- .../role-playing-and-persona-techniques.md | 10 ++++---- .../structured-output-formatting.md | 8 +++---- .../system-message-design-patterns.md | 10 ++++---- .../temperature-sampling-and-parameters.md | 10 ++++---- .../token-optimization-and-efficiency.md | 8 +++---- .../agent-autonomy-and-control-governance.md | 2 +- .../agent-evaluation-testing-frameworks.md | 14 +++++------ .../agent-memory-and-context-management.md | 8 +++---- .../agent-to-agent-a2a-protocol.md | 4 ++-- .../computer-using-agents-cua.md | 4 ++-- .../foundry-agent-service-ga.md | 18 +++++++------- .../foundry-workflows-visual-orchestration.md | 10 ++++---- .../tool-use-and-function-calling-patterns.md | 6 ++--- .../multi-region-ai-gateway-design.md | 2 +- .../api-management/streaming-support-apim.md | 2 +- .../ai-services-api-best-practices.md | 4 ++-- .../ai-services-cost-optimization.md | 8 +++---- .../ai-services-enterprise-architecture.md | 4 ++-- .../ai-services-monitoring-logging.md | 2 +- .../ai-services-networking-security.md | 4 ++-- .../ai-services-vs-foundry-tools-selection.md | 6 ++--- .../azure-ai-vision-image-analysis.md | 2 +- .../azure-ai-vision-ocr-processing.md | 6 ++--- ...ntent-understanding-multimodal-analysis.md | 2 +- .../speech-services-speaker-recognition.md | 2 +- .../speech-services-text-to-speech.md | 2 +- .../translator-document-translation.md | 4 ++-- .../data-anonymization-privacy.md | 4 ++-- .../data-quality-ai-frameworks.md | 2 +- .../synthetic-data-generation.md | 6 ++--- .../feedback-loops-continuous-improvement.md | 2 +- .../genaiops-llm-specific-practices.md | 2 +- .../governance-audit-ml-operations.md | 2 +- .../inferencing-optimization-caching.md | 2 +- .../llm-evaluation-production.md | 8 +++---- .../model-evaluation-frameworks.md | 8 +++---- .../model-versioning-registry-management.md | 2 +- .../prompt-flow-production-deployment.md | 4 ++-- .../rag-architecture/citation-tracking.md | 4 ++-- .../graphrag-knowledge-graphs.md | 2 +- .../late-chunking-patterns.md | 2 +- .../rag-architecture/rag-context-windows.md | 10 ++++---- .../rag-architecture/rag-cost-optimization.md | 8 +++---- .../rag-evaluation-frameworks.md | 6 ++--- .../rag-hallucination-mitigation.md | 6 ++--- .../rag-iterative-refinement.md | 2 +- .../rag-architecture/rag-security-rbac.md | 4 ++-- .../rag-architecture/self-reflective-rag.md | 2 +- .../streaming-rag-responses.md | 6 ++--- .../compliance-monitoring-ai-governance.md | 4 ++-- .../cost-monitoring-cost-attribution.md | 4 ++-- .../custom-dashboards-ai-operations.md | 2 +- .../endpoint-health-and-capacity-planning.md | 8 +++---- .../log-analytics-kql-ai-queries.md | 4 ++-- .../model-performance-drift-detection.md | 4 ++-- .../real-time-streaming-monitoring.md | 2 +- .../response-quality-metrics-rag.md | 12 +++++----- .../security-and-audit-logging-ai.md | 4 ++-- .../sla-monitoring-ai-services.md | 6 ++--- .../token-usage-tracking-attribution.md | 8 +++---- .../copyright-ai-training-data-norway.md | 12 +++++----- .../ai-impact-assessment-framework.md | 2 +- .../ai-risk-taxonomy-classification.md | 2 +- ...algorithmic-accountability-auditability.md | 2 +- .../bias-detection-mitigation-strategies.md | 2 +- .../content-safety-implementation.md | 12 +++++----- .../continuous-improvement-feedback-loops.md | 10 ++++---- .../gdpr-compliance-ai-systems.md | 2 +- .../human-in-the-loop-oversight.md | 2 +- .../model-explainability-interpretability.md | 2 +- .../responsible-ai/red-teaming-ai-models.md | 6 ++--- .../responsible-ai-policy-development.md | 2 +- .../stakeholder-communication-ai-decisions.md | 2 +- .../transparency-documentation-standards.md | 8 +++---- .../ai-foundry-disaster-recovery-planning.md | 8 +++---- .../capacity-planning-dr-configurations.md | 2 +- .../bcdr/incident-response-ai-systems.md | 2 +- .../monitoring-alerting-failover-detection.md | 2 +- .../multi-region-azure-openai-deployment.md | 6 ++--- .../bcdr/rto-rpo-planning-ai-services.md | 2 +- .../adversarial-input-robustness-testing.md | 2 +- .../ai-security-scoring-framework.md | 2 +- .../content-safety-filter-calibration.md | 6 ++--- .../data-leakage-prevention-ai.md | 4 ++-- .../entra-agent-id-zero-trust.md | 2 +- .../jailbreak-prevention-production.md | 6 ++--- .../model-fingerprinting-watermarking.md | 2 +- ...utput-validation-grounding-verification.md | 8 +++---- .../pii-detection-norwegian-context.md | 2 +- .../prompt-injection-defense-patterns.md | 4 ++-- .../zero-trust-ai-services.md | 2 +- .../azure-ai-foundry-cost-governance.md | 14 +++++------ .../batch-processing-cost-reduction.md | 10 ++++---- .../budget-forecasting-ai-projects.md | 4 ++-- .../gpt5-gpt41-pricing-models.md | 12 +++++----- .../inference-endpoint-cost-optimization.md | 6 ++--- .../model-selection-price-performance.md | 12 +++++----- .../multi-model-strategy-costs.md | 8 +++---- .../prompt-engineering-cost-reduction.md | 12 +++++----- .../ptu-vs-paygo-economics.md | 14 +++++------ .../rag-query-cost-reduction.md | 2 +- .../request-batching-aggregation.md | 4 ++-- .../reserved-capacity-planning.md | 8 +++---- .../small-language-models-economics.md | 4 ++-- .../token-counting-optimization.md | 10 ++++---- .../vector-storage-cost-optimization.md | 4 ++-- .../async-processing-patterns.md | 6 ++--- .../batch-api-usage-optimization.md | 2 +- .../concurrent-request-optimization.md | 6 ++--- .../gpu-compute-sizing.md | 4 ++-- .../load-testing-ai-services.md | 4 ++-- .../model-distillation-performance.md | 6 ++--- .../performance-benchmarking-frameworks.md | 6 ++--- .../prompt-caching-performance.md | 4 ++-- .../rate-limit-management.md | 6 ++--- .../regional-deployment-latency.md | 2 +- .../response-chunking-strategies.md | 2 +- .../throughput-optimization-strategies.md | 6 ++--- .../token-per-second-optimization.md | 8 +++---- 141 files changed, 399 insertions(+), 399 deletions(-) diff --git a/skills/ms-ai-advisor/references/architecture/cost-models.md b/skills/ms-ai-advisor/references/architecture/cost-models.md index d402869..1014b3a 100644 --- a/skills/ms-ai-advisor/references/architecture/cost-models.md +++ b/skills/ms-ai-advisor/references/architecture/cost-models.md @@ -587,7 +587,7 @@ Azure AI Foundry er en **orkestreringsplattform** som benytter flere Azure-tjene - [Azure Cost Management](https://azure.microsoft.com/services/cost-management/) **Dokumentasjon:** -- [Azure OpenAI Cost Management](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/manage-costs) +- [Azure OpenAI Cost Management](https://learn.microsoft.com/azure/foundry/concepts/manage-costs) - [Copilot Studio Billing and management](https://learn.microsoft.com/microsoft-copilot-studio/billing-rates-and-management) — Verified (MCP 2026-04) - [AI Builder Credit Management](https://learn.microsoft.com/ai-builder/credit-management) diff --git a/skills/ms-ai-advisor/references/architecture/migration-patterns.md b/skills/ms-ai-advisor/references/architecture/migration-patterns.md index b948fd7..a500d59 100644 --- a/skills/ms-ai-advisor/references/architecture/migration-patterns.md +++ b/skills/ms-ai-advisor/references/architecture/migration-patterns.md @@ -1182,7 +1182,7 @@ Base effort: 200 timer ### Microsoft Learn - [Azure Migration Guide](https://learn.microsoft.com/azure/cloud-adoption-framework/migrate/) - [Copilot Studio Migration](https://learn.microsoft.com/microsoft-copilot-studio/unified-authoring-conversion) -- [Azure AI Foundry Documentation](https://learn.microsoft.com/azure/ai-foundry/) +- [Azure AI Foundry Documentation](https://learn.microsoft.com/azure/foundry/) ### Verktøy - **Azure Migrate:** Assessment og migrering av workloads diff --git a/skills/ms-ai-advisor/references/architecture/poc-template.md b/skills/ms-ai-advisor/references/architecture/poc-template.md index 72025e5..9a3cae3 100644 --- a/skills/ms-ai-advisor/references/architecture/poc-template.md +++ b/skills/ms-ai-advisor/references/architecture/poc-template.md @@ -925,7 +925,7 @@ Legg til ekstra tid hvis: ### Microsoft Documentation - [AI Adoption Framework (CAF)](https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/ai/) - [Copilot Studio Implementation Guidance](https://learn.microsoft.com/microsoft-copilot-studio/guidance/overview) -- [Azure AI Foundry Evaluation](https://learn.microsoft.com/azure/ai-foundry/concepts/evaluation-evaluators/) +- [Azure AI Foundry Evaluation](https://learn.microsoft.com/azure/foundry/how-to/evaluate-generative-ai-app) - [Responsible AI Standard](https://www.microsoft.com/ai/responsible-ai) ### Tools diff --git a/skills/ms-ai-advisor/references/architecture/regional-availability-verification.md b/skills/ms-ai-advisor/references/architecture/regional-availability-verification.md index 4557927..232f2cd 100644 --- a/skills/ms-ai-advisor/references/architecture/regional-availability-verification.md +++ b/skills/ms-ai-advisor/references/architecture/regional-availability-verification.md @@ -248,9 +248,9 @@ Når en tjeneste ikke er tilgjengelig i Norway East: | Ressurs | URL | Oppdateringsfrekvens | |---------|-----|---------------------| | Azure Products by Region | https://azure.microsoft.com/en-us/explore/global-infrastructure/products-by-region | Fortløpende | -| Azure OpenAI Models & Region | https://learn.microsoft.com/azure/ai-foundry/openai/concepts/models | Ved modellendringer | +| Azure OpenAI Models & Region | https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure | Ved modellendringer | | Azure AI Search Regions | https://learn.microsoft.com/azure/search/search-region-support | Ved regionsendringer | -| Microsoft Foundry Regions | https://learn.microsoft.com/azure/ai-foundry/reference/region-support | Ved regionsendringer | +| Microsoft Foundry Regions | https://learn.microsoft.com/azure/foundry/reference/region-support | Ved regionsendringer | | Azure Status | https://status.azure.com | Sanntid | | Azure Updates | https://azure.microsoft.com/updates | Daglig | diff --git a/skills/ms-ai-advisor/references/copilot-extensibility/copilot-api-rate-limiting-resilience.md b/skills/ms-ai-advisor/references/copilot-extensibility/copilot-api-rate-limiting-resilience.md index de6775f..d342f4f 100644 --- a/skills/ms-ai-advisor/references/copilot-extensibility/copilot-api-rate-limiting-resilience.md +++ b/skills/ms-ai-advisor/references/copilot-extensibility/copilot-api-rate-limiting-resilience.md @@ -244,7 +244,7 @@ while True: **Use case:** Store batch-operasjoner (Azure OpenAI, Azure AI Foundry). -**Verified:** [Batch deployments - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch) +**Verified:** [Batch deployments - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch) --- @@ -299,7 +299,7 @@ while True: - Implementer retry logic med exponential backoff - Unngå skarpe workload-endringer (gradvis økning) -**Verified:** [Quotas and limits - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/quotas-limits), [Manage quota - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/quota) +**Verified:** [Quotas and limits - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/quotas-limits), [Manage quota - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/quota) ### Copilot Studio @@ -484,9 +484,9 @@ while True: 3. [Circuit Breaker pattern - Cloud-Native .NET](https://learn.microsoft.com/en-us/dotnet/architecture/cloud-native/application-resiliency-patterns) 4. [What is rate limiting? - Microsoft Cloud Dev](https://learn.microsoft.com/en-us/microsoft-cloud/dev/dev-proxy/concepts/what-is-rate-limiting) 5. [How to handle API throttling - Microsoft Cloud Dev](https://learn.microsoft.com/en-us/microsoft-cloud/dev/dev-proxy/concepts/how-to-handle-api-throttling) -6. [Azure OpenAI quotas and limits](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/quotas-limits) -7. [Manage Azure OpenAI quota](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/quota) -8. [Batch deployments - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch) +6. [Azure OpenAI quotas and limits](https://learn.microsoft.com/en-us/azure/foundry/openai/quotas-limits) +7. [Manage Azure OpenAI quota](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/quota) +8. [Batch deployments - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch) 9. [Resolve throttling errors in Copilot Studio agents](https://learn.microsoft.com/en-us/troubleshoot/power-platform/copilot-studio/licensing/throttling-errors-agents) 10. [Error codes - Copilot Studio](https://learn.microsoft.com/en-us/troubleshoot/power-platform/copilot-studio/authoring/error-codes) 11. [Optimize bot with rate limiting in Teams](https://learn.microsoft.com/en-us/microsoftteams/platform/bots/how-to/rate-limit) diff --git a/skills/ms-ai-advisor/references/copilot-extensibility/copilot-context-window-optimization.md b/skills/ms-ai-advisor/references/copilot-extensibility/copilot-context-window-optimization.md index 706e15f..25a2519 100644 --- a/skills/ms-ai-advisor/references/copilot-extensibility/copilot-context-window-optimization.md +++ b/skills/ms-ai-advisor/references/copilot-extensibility/copilot-context-window-optimization.md @@ -538,11 +538,11 @@ Response + Citations **MCP-verified sources (microsoft-learn):** 1. **Azure OpenAI Assistants API — Context Window Management** - - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/assistants#context-window-management + - https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/assistants#context-window-management - Verified: max_prompt_tokens, max_completion_tokens, truncation_strategy 2. **Troubleshooting and best practices for Azure OpenAI On Your Data** - - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/on-your-data-best-practices + - https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/on-your-data-best-practices - Verified: topNDocuments, strictness, chunk_size, workflow funnel 3. **Quotas and limits for Copilot Studio** @@ -558,7 +558,7 @@ Response + Citations - Verified: Known limitations, no long-running task support, context limits 6. **Azure OpenAI Predicted Outputs** - - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/predicted-outputs + - https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/predicted-outputs - Verified: Prediction parameter for latency optimization 7. **Copilot handoff (Teams Bot Framework)** diff --git a/skills/ms-ai-advisor/references/development/agent-framework.md b/skills/ms-ai-advisor/references/development/agent-framework.md index 120ff76..5b0c197 100644 --- a/skills/ms-ai-advisor/references/development/agent-framework.md +++ b/skills/ms-ai-advisor/references/development/agent-framework.md @@ -465,7 +465,7 @@ result = await agent.run() # Automatisk planning ## Ressurser - [Agent Framework Documentation](https://learn.microsoft.com/azure/ai-services/agents) -- [Azure AI Foundry Agent Service](https://learn.microsoft.com/azure/ai-foundry/agent-service) +- [Azure AI Foundry Agent Service](https://learn.microsoft.com/azure/foundry/agents/overview) - [Migration Guide from Semantic Kernel](https://learn.microsoft.com/azure/ai-services/agents/migrate-semantic-kernel) - [GitHub Samples](https://github.com/azure-samples/ai-agent-framework) diff --git a/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md b/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md index 3587091..addeb6a 100644 --- a/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md +++ b/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md @@ -371,18 +371,18 @@ Microsoft.CognitiveServices/account (kind: AIServices) Adapted from Microsoft Learn documentation ([CC BY 4.0](https://creativecommons.org/licenses/by/4.0/)): -- [What is Microsoft Foundry?](https://learn.microsoft.com/azure/ai-foundry/what-is-foundry?view=foundry-classic) -- [What's new in Microsoft Foundry (December 2025)](https://learn.microsoft.com/azure/ai-foundry/whats-new-foundry?view=foundry-classic) -- [What's new in Azure OpenAI](https://learn.microsoft.com/azure/ai-foundry/openai/whats-new?view=foundry-classic) -- [What's new in Foundry Agent Service](https://learn.microsoft.com/azure/ai-foundry/agents/whats-new?view=foundry-classic) -- [GPT-5 models](https://learn.microsoft.com/azure/ai-foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic) -- [Build a workflow in Microsoft Foundry](https://learn.microsoft.com/azure/ai-foundry/agents/concepts/workflow?view=foundry) -- [Foundry Local](https://learn.microsoft.com/azure/ai-foundry/foundry-local/what-is-foundry-local?view=foundry-classic) -- [Computer Use (preview)](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/computer-use?view=foundry-classic) -- [Deep Research tool](https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools-classic/deep-research?view=foundry-classic) -- [A2A Agent endpoint (preview)](https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools/agent-to-agent?view=foundry) -- [MCP tool](https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools-classic/model-context-protocol?view=foundry-classic) -- [Model region availability](https://learn.microsoft.com/azure/ai-foundry/openai/concepts/models) +- [What is Microsoft Foundry?](https://learn.microsoft.com/azure/foundry/what-is-foundry?view=foundry-classic) +- [What's new in Microsoft Foundry (December 2025)](https://learn.microsoft.com/azure/foundry/whats-new-foundry?view=foundry-classic) +- [What's new in Azure OpenAI](https://learn.microsoft.com/azure/foundry-classic/openai/whats-new?view=foundry-classic) +- [What's new in Foundry Agent Service](https://learn.microsoft.com/azure/foundry-classic/agents/whats-new?view=foundry-classic) +- [GPT-5 models](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic) +- [Build a workflow in Microsoft Foundry](https://learn.microsoft.com/azure/foundry/agents/concepts/workflow?view=foundry) +- [Foundry Local](https://learn.microsoft.com/azure/foundry-local/what-is-foundry-local?view=foundry-classic) +- [Computer Use (preview)](https://learn.microsoft.com/azure/foundry-classic/openai/how-to/computer-use?view=foundry-classic) +- [Deep Research tool](https://learn.microsoft.com/azure/foundry-classic/agents/how-to/tools-classic/deep-research?view=foundry-classic) +- [A2A Agent endpoint (preview)](https://learn.microsoft.com/azure/foundry/agents/how-to/tools/agent-to-agent?view=foundry) +- [MCP tool](https://learn.microsoft.com/azure/foundry-classic/agents/how-to/tools-classic/model-context-protocol?view=foundry-classic) +- [Model region availability](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) Content has been translated to Norwegian, reorganized, and augmented with decision guidance. diff --git a/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md b/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md index 42a928a..85516ff 100644 --- a/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md +++ b/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md @@ -390,15 +390,15 @@ Trenger kunden open-source/selvhostet-alternativ? Adapted from Microsoft Learn documentation ([CC BY 4.0](https://creativecommons.org/licenses/by/4.0/)): -- [Foundry Models sold directly by Azure (azure-openai)](https://learn.microsoft.com/azure/ai-foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic) -- [Foundry Models sold directly by Azure (azure-direct-others)](https://learn.microsoft.com/azure/ai-foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic&pivots=azure-direct-others) -- [Azure OpenAI in Azure AI Foundry Models — model overview](https://learn.microsoft.com/azure/ai-foundry/openai/concepts/models) -- [GPT-5 vs GPT-4.1: choosing the right model](https://learn.microsoft.com/azure/ai-foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic) -- [Azure OpenAI reasoning models](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/reasoning?view=foundry-classic) -- [PTU costs and billing](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding?view=foundry-classic) -- [Foundry Models from partners and community (Phi)](https://learn.microsoft.com/azure/ai-foundry/foundry-models/concepts/models-from-partners?view=foundry-classic) -- [Azure OpenAI models and regions for Foundry Agent Service](https://learn.microsoft.com/azure/ai-foundry/agents/concepts/model-region-support?view=foundry-classic) -- [Azure OpenAI quotas and limits](https://learn.microsoft.com/azure/ai-foundry/openai/quotas-limits?view=foundry-classic) +- [Foundry Models sold directly by Azure (azure-openai)](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic) +- [Foundry Models sold directly by Azure (azure-direct-others)](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic&pivots=azure-direct-others) +- [Azure OpenAI in Azure AI Foundry Models — model overview](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) +- [GPT-5 vs GPT-4.1: choosing the right model](https://learn.microsoft.com/azure/foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic) +- [Azure OpenAI reasoning models](https://learn.microsoft.com/azure/foundry/openai/how-to/reasoning?view=foundry-classic) +- [PTU costs and billing](https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput-billing?view=foundry-classic) +- [Foundry Models from partners and community (Phi)](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-from-partners?view=foundry-classic) +- [Azure OpenAI models and regions for Foundry Agent Service](https://learn.microsoft.com/azure/foundry-classic/agents/concepts/model-region-support?view=foundry-classic) +- [Azure OpenAI quotas and limits](https://learn.microsoft.com/azure/foundry/openai/quotas-limits?view=foundry-classic) Content translated to Norwegian, reorganized, and augmented with decision guidance for Norwegian public sector. diff --git a/skills/ms-ai-advisor/references/prompt-engineering/adversarial-prompting-and-jailbreaks.md b/skills/ms-ai-advisor/references/prompt-engineering/adversarial-prompting-and-jailbreaks.md index 0e236ad..40d528d 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/adversarial-prompting-and-jailbreaks.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/adversarial-prompting-and-jailbreaks.md @@ -760,11 +760,11 @@ Start: AI system security design *Verifisert: januar 2026, omfatter AI-1 til AI-7 controls* 3. **Azure AI Red Teaming Agent:** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/ai-red-teaming-agent + https://learn.microsoft.com/en-us/azure/foundry/concepts/ai-red-teaming-agent *Verifisert: januar 2026, Public Preview* 4. **Content Filtering (default policies):** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/default-safety-policies + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/default-safety-policies *Verifisert: januar 2026, GA* 5. **Microsoft Defender for AI Services:** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/chain-of-thought-prompting.md b/skills/ms-ai-advisor/references/prompt-engineering/chain-of-thought-prompting.md index 8e1b1c1..09e7b9e 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/chain-of-thought-prompting.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/chain-of-thought-prompting.md @@ -474,11 +474,11 @@ Chain-of-thought øker token-forbruk betydelig: | Kilde | Konfidensnivå | Verifisert dato | |-------|---------------|-----------------| -| [Prompt engineering techniques - Chain of thought prompting](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering#chain-of-thought-prompting) | **Verified** | 2026-02 | -| [Azure OpenAI On Your Data - Best practices (Chain-of-thought prompting)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data#best-practices) | **Verified** | 2026-02 | -| [Azure OpenAI Evaluation (Preview) - Factuality (uses CoT internally)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/evaluations#types-of-testing-criteria) | **Verified** | 2026-02 | -| [Azure OpenAI reasoning models (o1, o3, GPT-5)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/reasoning) | **Verified** | 2026-02 | -| [Transparency note for Azure OpenAI - Chain-of-thought capabilities](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note?view=foundry-classic#capabilities) | **Verified** | 2026-02 | +| [Prompt engineering techniques - Chain of thought prompting](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering#chain-of-thought-prompting) | **Verified** | 2026-02 | +| [Azure OpenAI On Your Data - Best practices (Chain-of-thought prompting)](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data#best-practices) | **Verified** | 2026-02 | +| [Azure OpenAI Evaluation (Preview) - Factuality (uses CoT internally)](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/evaluations#types-of-testing-criteria) | **Verified** | 2026-02 | +| [Azure OpenAI reasoning models (o1, o3, GPT-5)](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/reasoning) | **Verified** | 2026-02 | +| [Transparency note for Azure OpenAI - Chain-of-thought capabilities](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note?view=foundry-classic#capabilities) | **Verified** | 2026-02 | ### Baseline-kunnskap (fra Claude-modell) @@ -493,7 +493,7 @@ Chain-of-thought øker token-forbruk betydelig: 1. **microsoft_docs_search:** "chain of thought prompting Azure OpenAI" → 10 resultater 2. **microsoft_code_sample_search:** "chain of thought prompt examples" → 20 code snippets -3. **microsoft_docs_fetch:** [Azure OpenAI reasoning models](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/reasoning) → Full dokumentasjon hentet +3. **microsoft_docs_fetch:** [Azure OpenAI reasoning models](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/reasoning) → Full dokumentasjon hentet **Totalt:** 4 MCP-kall, 3 unike Microsoft Learn-kilder. diff --git a/skills/ms-ai-advisor/references/prompt-engineering/domain-specific-prompt-optimization.md b/skills/ms-ai-advisor/references/prompt-engineering/domain-specific-prompt-optimization.md index c753820..638f757 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/domain-specific-prompt-optimization.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/domain-specific-prompt-optimization.md @@ -558,19 +558,19 @@ Basert på testing (Azure OpenAI dokumentasjon): ### Microsoft Learn dokumentasjon (fetched via MCP 2026-02-04) 1. **Prompt engineering techniques** (Azure OpenAI) - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering *Source for: Best practices, few-shot learning, chain-of-thought, output structure* 2. **Azure OpenAI On Your Data** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data *Source for: RAG configuration, field mapping, strictness, multi-lingual support, token estimation* 3. **Transparency note for Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note *Source for: Model capabilities, limitations, responsible AI considerations* 4. **Azure OpenAI FAQ** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/faq + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/faq *Source for: Language handling, model behavior, grounding strategies* 5. **Apply prompt engineering with Azure OpenAI Service - Training** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/error-handling-and-fallback-prompting.md b/skills/ms-ai-advisor/references/prompt-engineering/error-handling-and-fallback-prompting.md index 2c06273..ccc4711 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/error-handling-and-fallback-prompting.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/error-handling-and-fallback-prompting.md @@ -686,14 +686,14 @@ User Request ## Kilder og verifisering **Primærkilder (Microsoft Learn):** -1. [Azure OpenAI supported programming languages - Error handling](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/supported-languages) – Offisiell dokumentasjon for retry-mekanismer i alle SDK-er +1. [Azure OpenAI supported programming languages - Error handling](https://learn.microsoft.com/en-us/azure/foundry/openai/supported-languages) – Offisiell dokumentasjon for retry-mekanismer i alle SDK-er 2. [Architecture strategies for self-preservation](https://learn.microsoft.com/en-us/azure/well-architected/reliability/self-preservation) – Azure Well-Architected Framework reliability-mønstre 3. [Azure OpenAI Priority-Based Load Balancer (GitHub)](https://github.com/Azure-Samples/openai-aca-lb) – Referanseimplementasjon av smart load balancing -4. [Troubleshooting Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/on-your-data-best-practices) – Best practices for debugging og error handling +4. [Troubleshooting Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/on-your-data-best-practices) – Best practices for debugging og error handling 5. [llm-content-safety policy (APIM)](https://learn.microsoft.com/en-us/azure/api-management/llm-content-safety-policy) (Re-verified MCP 2026-04) – Content safety enforcement i API Management. Policy-attributter: backend-id, shield-prompt, enforce-on-completions, window-size, output-type, threshold (0-7), blocklists. **Sekundærkilder:** -6. [Azure OpenAI FAQ](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/faq) – Vanlige feilsituasjoner og workarounds +6. [Azure OpenAI FAQ](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/faq) – Vanlige feilsituasjoner og workarounds 7. [OWASP Top 10 for LLM - Improper Output Handling](https://genai.owasp.org/llmrisk/llm052025-improper-output-handling/) – Sikkerhetshensyn ved output validation 8. [Reliability Maturity Model](https://learn.microsoft.com/en-us/azure/well-architected/reliability/maturity-model) – Graceful degradation og testing diff --git a/skills/ms-ai-advisor/references/prompt-engineering/few-shot-learning-techniques.md b/skills/ms-ai-advisor/references/prompt-engineering/few-shot-learning-techniques.md index 77568a9..c73b30a 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/few-shot-learning-techniques.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/few-shot-learning-techniques.md @@ -510,11 +510,11 @@ User Query **Verified (MCP microsoft-learn, januar 2026):** 1. **Prompt engineering techniques** (Azure AI Foundry) - - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering + - https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering - Seksjon: Few-shot learning, Zero-shot learning, Examples 2. **Work with chat completions models** - - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chatgpt + - https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/chatgpt - Seksjon: Few-shot learning with chat completion 3. **Zero-shot and few-shot learning** (.NET AI conceptual) (Re-verified MCP 2026-04) @@ -522,11 +522,11 @@ User Query - Primære use cases, performance baselines, caveats (false patterns, token limits, reasoning gaps) 4. **Chat Markup Language ChatML** - - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chat-markup-language + - https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/responses - Few-shot eksempler i ChatML-format 5. **Transparency note for Azure OpenAI** - - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note + - https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note - In-context learning: Zero-shot, One-shot, Few-shot definitioner **Code samples verified:** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/function-calling-and-tool-use.md b/skills/ms-ai-advisor/references/prompt-engineering/function-calling-and-tool-use.md index cc7e17e..caf9d83 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/function-calling-and-tool-use.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/function-calling-and-tool-use.md @@ -272,7 +272,7 @@ assistant = client.beta.assistants.create( ### Azure Logic Apps -[Azure Logic Apps kan integreres](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/assistants-logic-apps) med Assistants API for å håndtere function execution. +[Azure Logic Apps kan integreres](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/assistants-logic-apps) med Assistants API for å håndtere function execution. ### On Your Data (Azure AI Search + OpenAI) @@ -421,7 +421,7 @@ Function calling påvirker kostnaden på flere måter: - Start med én enkel funksjon (f.eks. `get_current_time`) - Bruk `tool_choice: "auto"` og observer modellens oppførsel - Implementer robust error handling før produksjon -- Les Microsoft's [responsible AI guidelines](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/overview) +- Les Microsoft's [responsible AI guidelines](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/overview) **Viderekomne (har bygget noen agenter):** - Implementer parallel function calling for bedre performance @@ -439,11 +439,11 @@ Function calling påvirker kostnaden på flere måter: **Verified (fra Microsoft Learn MCP-research):** -1. [How to use function calling with Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/function-calling) — **Konfidensnivå: Høy** (offisiell dokumentasjon, oppdatert januar 2026) +1. [How to use function calling with Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/function-calling) — **Konfidensnivå: Høy** (offisiell dokumentasjon, oppdatert januar 2026) 2. [Understand OpenAI function calling](https://learn.microsoft.com/en-us/dotnet/ai/conceptual/understanding-openai-functions) — **Konfidensnivå: Høy** (konseptuell guide med Semantic Kernel-eksempler) -3. [Azure OpenAI Assistants function calling](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/assistant-functions) — **Konfidensnivå: Høy** (Assistants API-spesifikk dokumentasjon) -4. [Fine-tuning functions](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/fine-tuning-functions) — **Konfidensnivå: Høy** (for advanced use cases) -5. [Structured outputs](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/structured-outputs) — **Konfidensnivå: Høy** (komplementær teknikk til function calling) +3. [Azure OpenAI Assistants function calling](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/assistant-functions) — **Konfidensnivå: Høy** (Assistants API-spesifikk dokumentasjon) +4. [Fine-tuning functions](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/fine-tuning-functions) — **Konfidensnivå: Høy** (for advanced use cases) +5. [Structured outputs](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/structured-outputs) — **Konfidensnivå: Høy** (komplementær teknikk til function calling) **Baseline (fra modellkunnskap januar 2025):** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/grounding-and-knowledge-injection.md b/skills/ms-ai-advisor/references/prompt-engineering/grounding-and-knowledge-injection.md index d2a8e68..e8b98b7 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/grounding-and-knowledge-injection.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/grounding-and-knowledge-injection.md @@ -496,12 +496,12 @@ Sources: ## Kilder og verifisering **MCP-kilder (Verified):** -1. Microsoft Learn: [Prompt Engineering Techniques](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering) – Groundedness context, citation best practices -2. Microsoft Learn: [Groundedness Detection Filter](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-groundedness) – RAG definition, ungroundedness detection +1. Microsoft Learn: [Prompt Engineering Techniques](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering) – Groundedness context, citation best practices +2. Microsoft Learn: [Groundedness Detection Filter](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-groundedness) – RAG definition, ungroundedness detection 3. Microsoft Learn: [Secure Multitenant RAG](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/secure-multitenant-rag) – Tenant isolation, API-layer, security trimming 4. Microsoft Learn: [Copilot Studio Knowledge Sources](https://learn.microsoft.com/en-us/microsoft-copilot-studio/knowledge-copilot-connectors) – SharePoint, connectors, tenant graph grounding 5. Microsoft Learn: [Web Search in Copilot Studio](https://learn.microsoft.com/en-us/microsoft-copilot-studio/data-privacy-security-web-search) – Bing integration, privacy considerations -6. Microsoft Learn: [Azure AI Agents (Bing Grounding)](https://learn.microsoft.com/en-us/azure/ai-foundry/agents/how-to/tools/web-overview) – Web grounding workflow +6. Microsoft Learn: [Azure AI Agents (Bing Grounding)](https://learn.microsoft.com/en-us/azure/foundry/agents/how-to/tools/web-overview) – Web grounding workflow **Konfidensnivå per seksjon:** | Seksjon | Konfidensnivå | Kilde | diff --git a/skills/ms-ai-advisor/references/prompt-engineering/multi-turn-conversation-management.md b/skills/ms-ai-advisor/references/prompt-engineering/multi-turn-conversation-management.md index 956c6ed..7598e5d 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/multi-turn-conversation-management.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/multi-turn-conversation-management.md @@ -294,7 +294,7 @@ AgentSession resumedSession = await agent.DeserializeSessionAsync(serializedSess | gpt-35-turbo | 16K tokens | 14K | | o1, o3-mini, o4-mini | 128K-200K | Varierer per modell | -**Viktig:** Sjekk alltid [models page](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models) for oppdaterte limits. +**Viktig:** Sjekk alltid [models page](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) for oppdaterte limits. ### Truncation-strategi @@ -638,7 +638,7 @@ User → Copilot Studio → Azure OpenAI ### Microsoft Learn (offisiell dokumentasjon) 1. **Work with chat completions models** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chatgpt + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/chatgpt *Kjernereferanse for Chat Completion API, conversation loop patterns, token management* 2. **Multi-turn conversations with an agent** @@ -646,19 +646,19 @@ User → Copilot Studio → Azure OpenAI *Agent Framework session management, stateless architecture* 3. **Azure OpenAI stored completions & distillation** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/stored-completions + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/stored-completions *Stored completions feature, metadata enrichment* 4. **Azure OpenAI quotas and limits** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/quotas-limits + https://learn.microsoft.com/en-us/azure/foundry/openai/quotas-limits *Token limits per modell, TPM/RPM relationship, rate limiting* 5. **Manage Azure OpenAI quota** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/quota + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/quota *Rate limit mechanics, best practices, token counting for rate limits* 6. **Azure OpenAI Assistants API context window management** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/assistants + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/assistants *Truncation strategies, max_prompt_tokens, max_completion_tokens* 7. **CLU multi-turn conversations** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/multimodal-prompt-design.md b/skills/ms-ai-advisor/references/prompt-engineering/multimodal-prompt-design.md index 019ec16..2eeb8f0 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/multimodal-prompt-design.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/multimodal-prompt-design.md @@ -542,10 +542,10 @@ AzureDiagnostics ## Kilder og verifisering **Microsoft Learn dokumentasjon (verifisert 2026-02):** -- [Use vision-enabled chat models](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/gpt-with-vision) — Offisiell how-to guide for GPT-4o/GPT-4 Turbo with Vision +- [Use vision-enabled chat models](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/gpt-with-vision) — Offisiell how-to guide for GPT-4o/GPT-4 Turbo with Vision - [Image prompt engineering techniques](https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/gpt-4-v-prompt-engineering) — Best practices for multimodal prompting - [Multimodal search in Azure AI Search](https://learn.microsoft.com/en-us/azure/search/multimodal-search-overview) (Re-verified MCP 2026-04) — RAG-arkitektur; extraction skill-sammenligning (Document Extraction vs Layout vs Content Understanding); verbalization vs direct embeddings; hybrid query-alternativ -- [Azure OpenAI models](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models) — Modelloversikt og token-kostnader +- [Azure OpenAI models](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) — Modelloversikt og token-kostnader - [Quickstart: Multimodal search in Azure portal](https://learn.microsoft.com/en-us/azure/search/search-get-started-portal-image-search) — Wizard-basert oppsett - [Get started with multimodal vision chat apps](https://learn.microsoft.com/en-us/azure/developer/ai/get-started-app-chat-vision) — End-to-end sample app med Base64 encoding diff --git a/skills/ms-ai-advisor/references/prompt-engineering/prompt-testing-and-evaluation.md b/skills/ms-ai-advisor/references/prompt-engineering/prompt-testing-and-evaluation.md index fd8b3c0..d08de5b 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/prompt-testing-and-evaluation.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/prompt-testing-and-evaluation.md @@ -1063,15 +1063,15 @@ def grade(sample: dict, item: dict) -> float: ## Kilder og verifisering **Primary Sources (Microsoft Learn):** -1. [Evaluate generative AI models and applications - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluate-generative-ai-app?view=foundry-classic) — GA +1. [Evaluate generative AI models and applications - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluate-generative-ai-app?view=foundry-classic) — GA 2. [Evaluation flows and metrics - Azure Machine Learning Prompt Flow](https://learn.microsoft.com/en-us/azure/machine-learning/prompt-flow/how-to-develop-an-evaluation-flow?view=azureml-api-2) — GA 3. [Azure AI Evaluation SDK - Python API](https://learn.microsoft.com/en-us/python/api/overview/azure/ai-evaluation-readme?view=azure-python) — GA -4. [Agent evaluation with Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/agent-evaluate-sdk?view=foundry-classic) — GA +4. [Agent evaluation with Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/agent-evaluate-sdk?view=foundry-classic) — GA **Code Samples (Microsoft Learn):** -1. [Cloud evaluation with Azure AI Projects SDK](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/cloud-evaluation?view=foundry-classic) -2. [Continuous evaluation setup](https://learn.microsoft.com/en-us/azure/ai-foundry/observability/how-to/how-to-monitor-agents-dashboard?view=foundry) -3. [Custom evaluator registration](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/cloud-evaluation?view=foundry-classic#specify-custom-evaluators) +1. [Cloud evaluation with Azure AI Projects SDK](https://learn.microsoft.com/en-us/azure/foundry/how-to/develop/cloud-evaluation?view=foundry-classic) +2. [Continuous evaluation setup](https://learn.microsoft.com/en-us/azure/foundry/observability/how-to/how-to-monitor-agents-dashboard?view=foundry) +3. [Custom evaluator registration](https://learn.microsoft.com/en-us/azure/foundry/how-to/develop/cloud-evaluation?view=foundry-classic#specify-custom-evaluators) **Last Verified:** 2026-02-04 **Version:** Azure AI Foundry v2 (2024-2026), Prompt Flow v1.13+ (2024-2026) diff --git a/skills/ms-ai-advisor/references/prompt-engineering/real-time-reasoning-performance.md b/skills/ms-ai-advisor/references/prompt-engineering/real-time-reasoning-performance.md index 491ef45..130173a 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/real-time-reasoning-performance.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/real-time-reasoning-performance.md @@ -485,15 +485,15 @@ Deployment C: Chatbot (variabel prompt, medium output) **Primary sources:** 1. **Performance and latency** (Azure OpenAI) - [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/latency](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/latency) + [https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/latency](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/latency) Hentet: januar 2026. Dekker streaming, max_tokens, content filtering, workload separation, metrics. 2. **GPT Realtime API for speech and audio** - [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/realtime-audio](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/realtime-audio) + [https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/realtime-audio](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/realtime-audio) Hentet: januar 2026. Dekker WebRTC/WebSocket, VAD modes, session configuration, supported models. 3. **GPT-4o Realtime API quickstart** - [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/realtime-audio-quickstart](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/realtime-audio-quickstart) + [https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/realtime-audio](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/realtime-audio) Hentet: januar 2026. Kode-eksempler for Python, JavaScript, deployment steps. 4. **Lower speech synthesis latency using Speech SDK** (Re-verified MCP 2026-04) diff --git a/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md b/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md index 0b93594..61c2964 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/reasoning-models-o1-o3-optimization.md @@ -516,19 +516,19 @@ Denne kunnskapsreferansen er basert på offisiell Microsoft Learn-dokumentasjon **Primary sources:** 1. **Azure OpenAI reasoning models** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/reasoning + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/reasoning *Confidence: Verified (MCP fetch 2026-02)* 2. **Azure OpenAI model availability and pricing** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models + https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure *Confidence: Verified (MCP fetch 2026-02)* 3. **Reasoning models with Microsoft Foundry Models** - https://learn.microsoft.com/en-us/azure/ai-foundry/foundry-models/how-to/use-chat-reasoning + https://learn.microsoft.com/en-us/azure/foundry-classic/foundry-models/how-to/use-chat-reasoning *Confidence: Verified (MCP search 2026-02)* 4. **Azure OpenAI function calling support** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/function-calling + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/function-calling *Confidence: Verified (MCP search 2026-02)* 5. **GPT-5 prompting guide (OpenAI)** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/regulatory-and-compliance-prompting.md b/skills/ms-ai-advisor/references/prompt-engineering/regulatory-and-compliance-prompting.md index 34da78a..0429789 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/regulatory-and-compliance-prompting.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/regulatory-and-compliance-prompting.md @@ -860,7 +860,7 @@ Før produksjonsdeploy, gjennomfør en 2-dagers compliance sprint: ### Microsoft Official Documentation 1. **Data, privacy, and security for Azure OpenAI** (februar 2026) - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/data-privacy + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/data-privacy → Autoritativ kilde for data processing, abuse monitoring, residency 2. **Govern AI apps and data for regulatory compliance** (februar 2026) @@ -868,7 +868,7 @@ Før produksjonsdeploy, gjennomfør en 2-dagers compliance sprint: → Compliance Manager, Purview integration, EU AI Act readiness 3. **Azure OpenAI Content Filtering** (februar 2026) - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter + https://learn.microsoft.com/en-us/azure/foundry-classic/foundry-models/concepts/content-filter → Content Safety API, thresholds, custom policies 4. **Azure Data Residency** (februar 2026) diff --git a/skills/ms-ai-advisor/references/prompt-engineering/role-playing-and-persona-techniques.md b/skills/ms-ai-advisor/references/prompt-engineering/role-playing-and-persona-techniques.md index 657a6c3..69bff75 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/role-playing-and-persona-techniques.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/role-playing-and-persona-techniques.md @@ -666,22 +666,22 @@ If uncertain, explain limitations. **Microsoft Learn (offisielle kilder):** -1. [System message design - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/advanced-prompt-engineering) +1. [System message design - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/advanced-prompt-engineering) *Komplett guide til system message design, key concepts, og best practices* -2. [Safety system messages - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message) +2. [Safety system messages - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message) *Authoring techniques, safety components, og testing strategies* -3. [Prompt engineering techniques - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering) +3. [Prompt engineering techniques - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering) *Bredere prompt-veiledning inkludert few-shot og token efficiency* 4. [Use prompts in Copilot Studio](https://learn.microsoft.com/en-us/microsoft-copilot-studio/nlu-prompt-node) (Re-verified MCP 2026-04) *Prompt editor features: natural language creation, template library, model selection (Azure OpenAI/Foundry), temperature, knowledge retrieval, code interpreter. Prompt-nivå: agent-tool, topic-node, agent flow-node.* -5. [Azure OpenAI On Your Data - Best practices](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data) +5. [Azure OpenAI On Your Data - Best practices](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data) *System message bruk i RAG-scenarier* -6. [Responsible AI practices for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/overview) +6. [Responsible AI practices for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/overview) *Metaprompt tuning som mitigation strategy* **Code samples verifisert:** diff --git a/skills/ms-ai-advisor/references/prompt-engineering/structured-output-formatting.md b/skills/ms-ai-advisor/references/prompt-engineering/structured-output-formatting.md index dcc3e23..13d8fdb 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/structured-output-formatting.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/structured-output-formatting.md @@ -420,10 +420,10 @@ Krever Azure OpenAI-ressurs med støttet modell (se over). Ingen spesiell lisens | URL | Tema | Konfidensnivå | |-----|------|---------------| -| [Structured Outputs Guide](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/structured-outputs) | Hovedguide, API-eksempler, schema-begrensninger | **Verified** (2026-02) | -| [JSON Mode Guide](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/json-mode) | JSON Mode (legacy), sammenlikning med structured outputs | **Verified** (2026-02) | -| [API Reference (v1)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/latest) | REST API-detaljer, response_format konfigurasjon | **Verified** (2026-02) | -| [Prompt Engineering Guide](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering) | Output structure best practices | **Verified** (2026-02) | +| [Structured Outputs Guide](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/structured-outputs) | Hovedguide, API-eksempler, schema-begrensninger | **Verified** (2026-02) | +| [JSON Mode Guide](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/json-mode) | JSON Mode (legacy), sammenlikning med structured outputs | **Verified** (2026-02) | +| [API Reference (v1)](https://learn.microsoft.com/en-us/azure/foundry/openai/latest) | REST API-detaljer, response_format konfigurasjon | **Verified** (2026-02) | +| [Prompt Engineering Guide](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering) | Output structure best practices | **Verified** (2026-02) | ### Azure OpenAI API-versjon - **Introduced:** `2024-08-01-preview` diff --git a/skills/ms-ai-advisor/references/prompt-engineering/system-message-design-patterns.md b/skills/ms-ai-advisor/references/prompt-engineering/system-message-design-patterns.md index 5e84db3..dfd4228 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/system-message-design-patterns.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/system-message-design-patterns.md @@ -340,11 +340,11 @@ For store organisasjoner med mange AI-assistenter: ## Kilder og verifisering **Verified (fra Microsoft Learn MCP):** -- System message design concepts: [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/advanced-prompt-engineering](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/advanced-prompt-engineering) -- Prompt engineering techniques: [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering) -- Safety system messages: [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message) -- Code samples (Python SDK): [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chatgpt](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chatgpt) -- Azure OpenAI On Your Data best practices: [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data) +- System message design concepts: [https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/advanced-prompt-engineering](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/advanced-prompt-engineering) +- Prompt engineering techniques: [https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering) +- Safety system messages: [https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message) +- Code samples (Python SDK): [https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/chatgpt](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/chatgpt) +- Azure OpenAI On Your Data best practices: [https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data) **Baseline (modellkunnskap):** - EU AI Act compliance patterns (February 2026) diff --git a/skills/ms-ai-advisor/references/prompt-engineering/temperature-sampling-and-parameters.md b/skills/ms-ai-advisor/references/prompt-engineering/temperature-sampling-and-parameters.md index 09dc72b..79ece1a 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/temperature-sampling-and-parameters.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/temperature-sampling-and-parameters.md @@ -559,13 +559,13 @@ for config in test_configs: ## Kilder og verifisering ### Microsoft Learn dokumentasjon -1. [Prompt engineering techniques — Temperature and Top_p parameters](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering#temperature-and-top_p-parameters) -2. [Azure OpenAI REST API reference — Completions](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/reference#completions) -3. [Reproducible output with seed parameter](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/reproducible-output) -4. [Model Router limitations (o-series)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/model-router#use-model-router-in-chats) +1. [Prompt engineering techniques — Temperature and Top_p parameters](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering#temperature-and-top_p-parameters) +2. [Azure OpenAI REST API reference — Completions](https://learn.microsoft.com/en-us/azure/foundry/openai/reference#completions) +3. [Reproducible output with seed parameter](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/reproducible-output) +4. [Model Router limitations (o-series)](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/model-router#use-model-router-in-chats) ### Code samples -5. [Azure OpenAI Python SDK — Chat Completions](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/supported-languages?pivots=programming-language-python#chat) +5. [Azure OpenAI Python SDK — Chat Completions](https://learn.microsoft.com/en-us/azure/foundry/openai/supported-languages?pivots=programming-language-python#chat) 6. [Semantic Kernel — OpenAIPromptExecutionSettings](https://learn.microsoft.com/en-us/dotnet/api/microsoft.semantickernel.connectors.openai.openaipromptexecutionsettings) ### Validert dato diff --git a/skills/ms-ai-advisor/references/prompt-engineering/token-optimization-and-efficiency.md b/skills/ms-ai-advisor/references/prompt-engineering/token-optimization-and-efficiency.md index 0b7289b..3ab3eeb 100644 --- a/skills/ms-ai-advisor/references/prompt-engineering/token-optimization-and-efficiency.md +++ b/skills/ms-ai-advisor/references/prompt-engineering/token-optimization-and-efficiency.md @@ -583,10 +583,10 @@ Break-even requests/måned: $1,224 / $0.00036 = 3.4M requests ## Kilder og verifisering **Offisiell Microsoft-dokumentasjon:** -1. [Prompt caching for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/prompt-caching) -2. [Plan and manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs) -3. [Performance and latency optimization](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/latency) -4. [Batch API for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch) +1. [Prompt caching for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/prompt-caching) +2. [Plan and manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs) +3. [Performance and latency optimization](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/latency) +4. [Batch API for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch) 5. [Azure OpenAI pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) **Verifisert:** Februar 2026 via microsoft-learn MCP-server diff --git a/skills/ms-ai-engineering/references/agent-orchestration/agent-autonomy-and-control-governance.md b/skills/ms-ai-engineering/references/agent-orchestration/agent-autonomy-and-control-governance.md index dbf5a30..4dc9506 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/agent-autonomy-and-control-governance.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/agent-autonomy-and-control-governance.md @@ -390,7 +390,7 @@ workflow = ( 3. [Process to build agents across your organization](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ai-agents/build-secure-process) Confidence: High — Tool boundaries, human-in-the-loop mandates, compliance frameworks -4. [Guardrails and controls overview in Microsoft Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/guardrails/guardrails-overview) +4. [Guardrails and controls overview in Microsoft Foundry](https://learn.microsoft.com/en-us/azure/foundry/guardrails/guardrails-overview) Confidence: High — Intervention points, risk categories, agent vs. model guardrails 5. [Secure AI agents at scale using Microsoft Agent 365](https://learn.microsoft.com/en-us/security/security-for-ai/agent-365-security) diff --git a/skills/ms-ai-engineering/references/agent-orchestration/agent-evaluation-testing-frameworks.md b/skills/ms-ai-engineering/references/agent-orchestration/agent-evaluation-testing-frameworks.md index dadb103..f773fda 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/agent-evaluation-testing-frameworks.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/agent-evaluation-testing-frameworks.md @@ -482,19 +482,19 @@ results = mlflow.genai.evaluate( ### Microsoft Learn (MCP-verified) 1. **Evaluate your AI agents (preview)** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/agent-evaluate-sdk?view=foundry-classic + https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/agent-evaluate-sdk?view=foundry-classic *Confidence: Verified* — Hovedreferanse for Azure AI Evaluation SDK, evaluator types, model support 2. **Continuously evaluate your AI agents (preview)** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/continuous-evaluation-agents?view=foundry-classic + https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/continuous-evaluation-agents?view=foundry-classic *Confidence: Verified* — Continuous evaluation setup, sampling configuration, Application Insights integration 3. **Run evaluations in the cloud by using the Microsoft Foundry SDK** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/cloud-evaluation?view=foundry-classic + https://learn.microsoft.com/en-us/azure/foundry/how-to/develop/cloud-evaluation?view=foundry-classic *Confidence: Verified* — Cloud batch evaluation, CI/CD integration, dataset formats 4. **Tutorial: Idea to prototype - Build and evaluate an enterprise agent** - https://learn.microsoft.com/en-us/azure/ai-foundry/tutorials/developer-journey-idea-to-prototype?view=foundry + https://learn.microsoft.com/en-us/azure/foundry/tutorials/developer-journey-idea-to-prototype?view=foundry *Confidence: Verified* — End-to-end tutorial med cloud evaluation, built-in evaluators 5. **Test and evaluate AI workloads on Azure (Well-Architected Framework)** @@ -502,15 +502,15 @@ results = mlflow.genai.evaluate( *Confidence: Verified* — Agentic workflow testing strategy, tool call validation, security testing 6. **Observability in generative AI** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability + https://learn.microsoft.com/en-us/azure/foundry/concepts/observability *Confidence: Verified* — Built-in evaluators list, GenAIOps evaluation stages, simulators 7. **What are hosted agents? (Evaluate and test hosted agents)** - https://learn.microsoft.com/en-us/azure/ai-foundry/agents/concepts/hosted-agents?view=foundry#evaluate-and-test-hosted-agents + https://learn.microsoft.com/en-us/azure/foundry/agents/concepts/hosted-agents?view=foundry#evaluate-and-test-hosted-agents *Confidence: Verified* — Hosted agent evaluation best practices, test dataset creation 8. **Agent evaluators** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/evaluation-evaluators/agent-evaluators?view=foundry + https://learn.microsoft.com/en-us/azure/foundry/concepts/evaluation-evaluators/agent-evaluators?view=foundry *Confidence: Verified* — Agent-specific evaluator details (Intent Resolution, Task Adherence, Tool Call Accuracy) 9. **Evaluate and monitor AI agents (MLflow 3 on Databricks)** diff --git a/skills/ms-ai-engineering/references/agent-orchestration/agent-memory-and-context-management.md b/skills/ms-ai-engineering/references/agent-orchestration/agent-memory-and-context-management.md index cdcaf24..4ba0eba 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/agent-memory-and-context-management.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/agent-memory-and-context-management.md @@ -461,7 +461,7 @@ Gir data lineage tracking og governance-enforcement. Confidence: ✅ Verified (Mem0Provider, WhiteboardProvider documentation) 2. **Foundry Agent Service Memory (preview)** - https://learn.microsoft.com/en-us/azure/ai-foundry/agents/concepts/what-is-memory?view=foundry + https://learn.microsoft.com/en-us/azure/foundry/agents/concepts/what-is-memory?view=foundry Confidence: ✅ Verified (Managed Memory Store, extraction/consolidation/retrieval phases) 3. **Agent Framework Chat History Providers** @@ -485,7 +485,7 @@ Gir data lineage tracking og governance-enforcement. Confidence: ✅ Verified (Hierarchical memory: knowledge, long-term, short-term) 8. **Azure OpenAI Web App Chat History (Cosmos DB)** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/use-web-app + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/use-web-app Confidence: ✅ Verified (Cosmos DB enablement for chat history) ### Konfidensnivå per seksjon @@ -505,13 +505,13 @@ Gir data lineage tracking og governance-enforcement. ### Unique Microsoft Learn URLs accessed 1. `/semantic-kernel/frameworks/agent/agent-memory` -2. `/azure/ai-foundry/agents/concepts/what-is-memory` +2. `/azure/foundry/agents/concepts/what-is-memory` 3. `/agent-framework/integrations/overview` 4. `/azure/copilot/bring-your-own-storage` 5. `/semantic-kernel/concepts/vector-store-connectors/memory-stores` 6. `/agent-framework/tutorials/agents/multi-turn-conversation` 7. `/azure/cloud-adoption-framework/ai-agents/build-secure-process` -8. `/azure/ai-foundry/openai/how-to/use-web-app` +8. `/azure/foundry-classic/openai/how-to/use-web-app` **Total unique sources**: 8 Microsoft Learn URLs **MCP calls**: 6 (3x microsoft_docs_search, 2x microsoft_docs_fetch, 1x microsoft_code_sample_search) diff --git a/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md b/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md index 2fb1d54..cbd0ac7 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/agent-to-agent-a2a-protocol.md @@ -654,11 +654,11 @@ app.MapA2A(agent, "/a2a/my-agent", agentCard: new() ### Microsoft Learn (Verified) 1. **Foundry Agent Service — A2A Tool** - - https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools/agent-to-agent + - https://learn.microsoft.com/azure/foundry/agents/how-to/tools/agent-to-agent - Confidence: **Verified** (offisiell guide, preview, februar 2026) 2. **A2A Authentication in Foundry** - - https://learn.microsoft.com/azure/ai-foundry/agents/concepts/agent-to-agent-authentication + - https://learn.microsoft.com/azure/foundry/agents/concepts/agent-to-agent-authentication - Confidence: **Verified** (offisiell auth-guide, februar 2026) 3. **Copilot Studio — Connect A2A Agent** diff --git a/skills/ms-ai-engineering/references/agent-orchestration/computer-using-agents-cua.md b/skills/ms-ai-engineering/references/agent-orchestration/computer-using-agents-cua.md index 9dc55e7..cdcadd2 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/computer-using-agents-cua.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/computer-using-agents-cua.md @@ -482,7 +482,7 @@ Kostnader basert på: ### Microsoft Learn (Verified) 1. **Foundry Agent Service Computer Use Tool** - - https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools/computer-use + - https://learn.microsoft.com/azure/foundry/agents/how-to/tools/computer-use - Confidence: **Verified** (offisiell Foundry-dokumentasjon, sep 2025) 2. **Automate web and desktop apps with computer use — Copilot Studio** @@ -494,7 +494,7 @@ Kostnader basert på: - Confidence: **Verified** (Copilot Studio docs, 2025) 4. **Browser Automation (preview) — Foundry Agent Service** - - https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools/browser-automation + - https://learn.microsoft.com/azure/foundry/agents/how-to/tools/browser-automation - Confidence: **Verified** (aug 2025, public preview) 5. **CUA vs RPA — Use agent tools to extend agents** diff --git a/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md b/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md index 3920f6e..4b6805e 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md @@ -327,7 +327,7 @@ Foundry Agent Service er tilgjengelig i følgende Azure-regioner (per februar 20 - Code Interpreter er ikke tilgjengelig i alle regioner **Sjekk regional verktøytilgjengelighet:** -[learn.microsoft.com/azure/ai-foundry/agents/concepts/tool-best-practice#tool-support-by-region-and-model](https://learn.microsoft.com/azure/ai-foundry/agents/concepts/tool-best-practice?view=foundry#tool-support-by-region-and-model) +[learn.microsoft.com/azure/foundry/agents/concepts/tool-best-practice#tool-support-by-region-and-model](https://learn.microsoft.com/azure/foundry/agents/concepts/tool-best-practice?view=foundry#tool-support-by-region-and-model) ## Enterprise-sikkerhet og governance @@ -475,27 +475,27 @@ Rate limiting skjer på modell-deployment-nivå, ikke Agent Service-nivå. Se Az ### Microsoft Learn (Verified) 1. **What is Foundry Agent Service?** - - https://learn.microsoft.com/azure/ai-foundry/agents/overview?view=foundry-classic + - https://learn.microsoft.com/azure/foundry/agents/overview?view=foundry-classic - Confidence: **Verified** (offisiell oversikt, GA-dokumentasjon) 2. **What's new in Foundry Agent Service (GA mai 2025)** - - https://learn.microsoft.com/azure/ai-foundry/agents/whats-new?view=foundry-classic + - https://learn.microsoft.com/azure/foundry-classic/agents/whats-new?view=foundry-classic - Confidence: **Verified** (changelog, mai–juni 2025) 3. **Connected Agents** - - https://learn.microsoft.com/azure/ai-foundry/agents/how-to/connected-agents?view=foundry-classic + - https://learn.microsoft.com/azure/foundry-classic/agents/how-to/connected-agents?view=foundry-classic - Confidence: **Verified** (multi-agent SDK guide og eksempler) 4. **Foundry Agent Service limits, quotas, and regional support** - - https://learn.microsoft.com/azure/ai-foundry/agents/concepts/limits-quotas-regions?view=foundry + - https://learn.microsoft.com/azure/foundry/agents/concepts/limits-quotas-regions?view=foundry - Confidence: **Verified** (komplett region- og grense-tabell) 5. **MCP tool — Foundry Agent Service** - - https://learn.microsoft.com/azure/ai-foundry/agents/how-to/tools-classic/model-context-protocol-samples?view=foundry-classic + - https://learn.microsoft.com/azure/foundry-classic/agents/how-to/tools-classic/model-context-protocol-samples?view=foundry-classic - Confidence: **Verified** (C# og Python code samples) 6. **Threads, runs, and messages** - - https://learn.microsoft.com/azure/ai-foundry/agents/concepts/threads-runs-messages?view=foundry-classic + - https://learn.microsoft.com/azure/foundry-classic/agents/concepts/threads-runs-messages?view=foundry-classic - Confidence: **Verified** (kjernekonsept-dokumentasjon) 7. **AzureAIAgent Foundry GA Migration Guide (SK Python)** @@ -503,11 +503,11 @@ Rate limiting skjer på modell-deployment-nivå, ikke Agent Service-nivå. Se Az - Confidence: **Verified** (breaking changes og migrasjonsguide) 8. **Transparency Note for Azure Agent Service** - - https://learn.microsoft.com/azure/ai-foundry/responsible-ai/agents/transparency-note?view=foundry-classic + - https://learn.microsoft.com/azure/foundry/responsible-ai/agents/transparency-note?view=foundry-classic - Confidence: **Verified** (ansvarlig AI-rammeverk) 9. **Foundry Agent Service FAQ (prising)** - - https://learn.microsoft.com/azure/ai-foundry/agents/faq?view=foundry-classic + - https://learn.microsoft.com/azure/foundry/agents/faq?view=foundry-classic - Confidence: **Verified** (offisiell prisingsforklaring) ### Confidence per seksjon diff --git a/skills/ms-ai-engineering/references/agent-orchestration/foundry-workflows-visual-orchestration.md b/skills/ms-ai-engineering/references/agent-orchestration/foundry-workflows-visual-orchestration.md index 073429c..72f0bc7 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/foundry-workflows-visual-orchestration.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/foundry-workflows-visual-orchestration.md @@ -583,19 +583,19 @@ Foundry Workflows' visuelle designer gir offentlig sektor-organisasjoner en unik ### Microsoft Learn (Verified) 1. **Build a workflow in Microsoft Foundry** - - https://learn.microsoft.com/azure/ai-foundry/agents/concepts/workflow?view=foundry + - https://learn.microsoft.com/azure/foundry/agents/concepts/workflow?view=foundry - Confidence: **Verified** (offisiell workflow-guide, Foundry new portal) 2. **Agent development lifecycle** - - https://learn.microsoft.com/azure/ai-foundry/agents/concepts/development-lifecycle?view=foundry + - https://learn.microsoft.com/azure/foundry/agents/concepts/development-lifecycle?view=foundry - Confidence: **Verified** (versjonering, publisering, livssyklus, januar 2025) 3. **Publish and share agents in Microsoft Foundry** - - https://learn.microsoft.com/azure/ai-foundry/agents/how-to/publish-agent?view=foundry + - https://learn.microsoft.com/azure/foundry/agents/how-to/agent-applications?view=foundry - Confidence: **Verified** (Agent Application deployment, API-kall, RBAC) 4. **Monitor agents with the Agent Monitoring Dashboard** - - https://learn.microsoft.com/azure/ai-foundry/observability/how-to/how-to-monitor-agents-dashboard?view=foundry + - https://learn.microsoft.com/azure/foundry/observability/how-to/how-to-monitor-agents-dashboard?view=foundry - Confidence: **Verified** (token usage, latency, success rate, evaluators) 5. **Declarative Workflows — Overview (Agent Framework)** @@ -607,7 +607,7 @@ Foundry Workflows' visuelle designer gir offentlig sektor-organisasjoner en unik - Confidence: **Verified** (HITL-mønster, pause og resume, compliance) 7. **Transparency Note for Azure Agent Service** - - https://learn.microsoft.com/azure/ai-foundry/responsible-ai/agents/transparency-note?view=foundry-classic + - https://learn.microsoft.com/azure/foundry/responsible-ai/agents/transparency-note?view=foundry-classic - Confidence: **Verified** (Foundry Workflows capabilities, visioning, governance) ### Microsoft Dev Blog (Verified) diff --git a/skills/ms-ai-engineering/references/agent-orchestration/tool-use-and-function-calling-patterns.md b/skills/ms-ai-engineering/references/agent-orchestration/tool-use-and-function-calling-patterns.md index c840d51..5cd071d 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/tool-use-and-function-calling-patterns.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/tool-use-and-function-calling-patterns.md @@ -448,12 +448,12 @@ def update_citizen_record(ssn: str, field: str, value: str) -> str: ### Microsoft Learn-kilder (Verified via MCP) -1. [Azure OpenAI Function Calling](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/function-calling) — **Verified 2026-02** +1. [Azure OpenAI Function Calling](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/function-calling) — **Verified 2026-02** 2. [Semantic Kernel Agent Functions](https://learn.microsoft.com/en-us/semantic-kernel/frameworks/agent/agent-functions) — **Verified 2026-02** 3. [Agent Framework - Agent as Function Tool](https://learn.microsoft.com/en-us/agent-framework/tutorials/agents/agent-as-function-tool) — **Verified 2026-02** 4. [AG-UI Backend Tool Rendering](https://learn.microsoft.com/en-us/agent-framework/integrations/ag-ui/backend-tool-rendering) — **Verified (MCP 2026-04)** — AIFunctionFactory.Create() med serializerOptions for komplekse typer (C#), @tool decorator med Annotated/Field (Python), TOOL_CALL_START/ARGS/END/RESULT events, FunctionCallContent/.Arguments og FunctionResultContent/.Result (C#), klasse-baserte tools-moenster (Python) -5. [Azure OpenAI Assistants Function Calling](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/assistant-functions) — **Verified 2026-02** -6. [Structured Outputs](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/structured-outputs) — **Verified 2026-02** +5. [Azure OpenAI Assistants Function Calling](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/assistant-functions) — **Verified 2026-02** +6. [Structured Outputs](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/structured-outputs) — **Verified 2026-02** ### Konfidensnivå per seksjon diff --git a/skills/ms-ai-engineering/references/api-management/multi-region-ai-gateway-design.md b/skills/ms-ai-engineering/references/api-management/multi-region-ai-gateway-design.md index b2f2a9f..0214c33 100644 --- a/skills/ms-ai-engineering/references/api-management/multi-region-ai-gateway-design.md +++ b/skills/ms-ai-engineering/references/api-management/multi-region-ai-gateway-design.md @@ -423,7 +423,7 @@ Hver region krever eget VNet med nødvendige NSG-regler: - [Use a gateway in front of multiple Azure OpenAI deployments or instances](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/azure-openai-gateway-multi-backend) — Arkitekturmønstre for AI gateway - [AI gateway in Azure API Management](https://learn.microsoft.com/en-us/azure/api-management/genai-gateway-capabilities) — Oversikt over AI gateway-kapabiliteter - [Access Azure OpenAI through a gateway](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/azure-openai-gateway-guide) — Well-Architected Framework-veiledning -- [Azure OpenAI deployment types](https://learn.microsoft.com/en-us/azure/ai-foundry/foundry-models/concepts/deployment-types) — Deployment types og data residency +- [Azure OpenAI deployment types](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/deployment-types) — Deployment types og data residency --- diff --git a/skills/ms-ai-engineering/references/api-management/streaming-support-apim.md b/skills/ms-ai-engineering/references/api-management/streaming-support-apim.md index 88e6ac9..820a755 100644 --- a/skills/ms-ai-engineering/references/api-management/streaming-support-apim.md +++ b/skills/ms-ai-engineering/references/api-management/streaming-support-apim.md @@ -505,7 +505,7 @@ For ikke-streaming requests, bruk standard `llm-emit-token-metric` i outbound: - [Configure API for server-sent events](https://learn.microsoft.com/en-us/azure/api-management/how-to-server-sent-events) — Offisiell SSE-guide for APIM - [AI gateway in Azure API Management](https://learn.microsoft.com/en-us/azure/api-management/genai-gateway-capabilities) — AI gateway oversikt -- [Azure OpenAI REST API reference - Chat Completions](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/reference#chat-completions) — Stream-parameter dokumentasjon +- [Azure OpenAI REST API reference - Chat Completions](https://learn.microsoft.com/en-us/azure/foundry/openai/reference#chat-completions) — Stream-parameter dokumentasjon - [forward-request policy](https://learn.microsoft.com/en-us/azure/api-management/forward-request-policy) — Policy-referanse for forwarding - [Log token usage, prompts, and completions](https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-llm-logs) — LLM-logging i APIM diff --git a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-api-best-practices.md b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-api-best-practices.md index 82dfe1a..cdd35a5 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-api-best-practices.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-api-best-practices.md @@ -709,11 +709,11 @@ AzureDiagnostics - Confidence: **Verified** (MCP fetch) 4. **Get started using provisioned deployments on Azure OpenAI** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-get-started + - URL: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/provisioned-get-started - Confidence: **Verified** (MCP fetch) 5. **Getting started with Azure OpenAI batch deployments** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch + - URL: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch - Confidence: **Verified** (MCP search) 6. **Azure AI services authentication and authorization using .NET** diff --git a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-cost-optimization.md b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-cost-optimization.md index 86235f8..26e359b 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-cost-optimization.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-cost-optimization.md @@ -331,15 +331,15 @@ PTU er en kapasitetsbasert prismodell for Azure OpenAI, primært for produksjons *Sist sjekket: 2026-02* 2. **Provisioned Throughput Concepts** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/provisioned-throughput + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput *Sist sjekket: 2026-02* 3. **Provisioned Throughput Onboarding (PTU Cost Management)** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput-billing *Sist sjekket: 2026-02* 4. **Plan and Manage Costs for Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs + https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs *Sist sjekket: 2026-02* 5. **Govern AI Costs (Cloud Adoption Framework)** @@ -374,7 +374,7 @@ PTU er en kapasitetsbasert prismodell for Azure OpenAI, primært for produksjons - microsoft_docs_search: "Azure AI Services reserved capacity commitment tier" - microsoft_docs_search: "Azure AI Services budget management cost estimation" - microsoft_docs_fetch: `/azure/ai-services/commitment-tier` -- microsoft_docs_fetch: `/azure/ai-foundry/openai/how-to/manage-costs` +- microsoft_docs_fetch: `/azure/foundry/concepts/manage-costs` - microsoft_docs_fetch: `/azure/cloud-adoption-framework/scenarios/ai/platform/governance` - microsoft_docs_search: "Azure OpenAI provisioned throughput PTU cost optimization" diff --git a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-enterprise-architecture.md b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-enterprise-architecture.md index 8778484..fad1eff 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-enterprise-architecture.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-enterprise-architecture.md @@ -545,7 +545,7 @@ TOTAL: ~46 700 NOK/måned (høyere cost, men forutsigbar) **Microsoft Learn Documentation (offisiell, 2026-02):** 1. [AI Ready - Cloud Adoption Framework](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/ready) -2. [BCDR for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/business-continuity-disaster-recovery) +2. [BCDR for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/high-availability-resiliency) 3. [Baseline Foundry Chat Architecture (Foundry Agent Service + Microsoft Agent Framework)](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/architecture/baseline-microsoft-foundry-chat) — Verified (MCP 2026-04) 4. [Azure API Management - AI Gateway Capabilities](https://learn.microsoft.com/en-us/azure/api-management/genai-gateway-capabilities) 5. [Reliability in Azure AI Search](https://learn.microsoft.com/en-us/azure/reliability/reliability-ai-search) @@ -559,7 +559,7 @@ TOTAL: ~46 700 NOK/måned (høyere cost, men forutsigbar) **Verifikasjon:** - ✅ Alle arkitekturdiagrammer basert på Microsoft offisiell dokumentasjon -- ✅ Deployment-typer (Global/Data Zone/Regional/PTU) verifisert mot [Deployment Types](https://learn.microsoft.com/en-us/azure/ai-foundry/foundry-models/concepts/deployment-types) +- ✅ Deployment-typer (Global/Data Zone/Regional/PTU) verifisert mot [Deployment Types](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/deployment-types) - ✅ APIM circuit breaker pattern bekreftet i [Backends Documentation](https://learn.microsoft.com/en-us/azure/api-management/backends) - ✅ Zone redundancy requirements verifisert mot [Availability Zones Overview](https://learn.microsoft.com/en-us/azure/reliability/availability-zones-overview) diff --git a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-monitoring-logging.md b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-monitoring-logging.md index d66fc91..f183394 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-monitoring-logging.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-monitoring-logging.md @@ -544,7 +544,7 @@ Hvis du bruker ITSM-integrasjoner (ServiceNow, etc.) via Action Groups, kan det **Verified (MCP-research, januar 2026):** - [Enable diagnostic logging for Foundry Tools](https://learn.microsoft.com/en-us/azure/ai-services/diagnostic-logging) – Offisiell guide, sist oppdatert 2024 -- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) – Kusto queries, diagnostic settings, dashboards +- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) – Kusto queries, diagnostic settings, dashboards - [Introduction to Application Insights](https://learn.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) – OpenTelemetry-basert APM - [Monitor Azure AI services (Training module)](https://learn.microsoft.com/en-us/training/modules/monitor-ai-services/) – Microsoft Learn offisiell kurs diff --git a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-networking-security.md b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-networking-security.md index 83a9840..3542024 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-networking-security.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-networking-security.md @@ -591,8 +591,8 @@ Test-NetConnection -ComputerName 10.0.2.5 -Port 443 **Verified (MCP microsoft-learn, 2026-02):** - [Configure Foundry Tools virtual networks](https://learn.microsoft.com/en-us/azure/ai-services/cognitive-services-virtual-networks) - Hovedkilde for VNet-konfigurasjon, service endpoints, IP-regler, private endpoints - [Configure secure networking for Azure AI platform services](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/platform/networking) - Arkitektur-guide fra Cloud Adoption Framework -- [Configure Azure OpenAI networking](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/network) - Private endpoint oppsett for Azure OpenAI -- [Network and access configuration for Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/on-your-data-configuration) - Trusted services bypass, managed identity setup +- [Configure Azure OpenAI networking](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/network) - Private endpoint oppsett for Azure OpenAI +- [Network and access configuration for Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/on-your-data-configuration) - Trusted services bypass, managed identity setup - [Azure security baseline for Azure AI services](https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/cognitive-services-security-baseline) - NSG-støtte (ikke støttet), private link (støttet), disable public access - [Create a private endpoint for a secure connection to Azure AI Search](https://learn.microsoft.com/en-us/azure/search/service-create-private-endpoint) - Shared private link-mønster diff --git a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-vs-foundry-tools-selection.md b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-vs-foundry-tools-selection.md index 8200194..54fe825 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/ai-services-vs-foundry-tools-selection.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/ai-services-vs-foundry-tools-selection.md @@ -675,7 +675,7 @@ START: Hvilken AI-kapabilitet trenger du? Dato: 2026-02 (verifisert) 3. **Choose an Azure resource type for Foundry** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/resource-types + https://learn.microsoft.com/en-us/azure/foundry-classic/concepts/resource-types Dato: 2026-02 (verifisert) 4. **Choose the right Foundry tool for document processing** @@ -683,11 +683,11 @@ START: Hvilken AI-kapabilitet trenger du? Dato: 2026-02 (verifisert) 5. **What is Foundry Agent Service?** - https://learn.microsoft.com/en-us/azure/ai-foundry/agents/overview + https://learn.microsoft.com/en-us/azure/foundry/agents/overview Dato: 2026-02 (verifisert) 6. **Plan and manage costs for Microsoft Foundry** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/manage-costs + https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs Dato: 2026-02 (verifisert) 7. **Azure OpenAI pricing page** diff --git a/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-image-analysis.md b/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-image-analysis.md index 5282faf..d594ac8 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-image-analysis.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-image-analysis.md @@ -360,7 +360,7 @@ Azure AI Vision er en **Azure resource** som faktureres direkte via Azure-abonne 3. [Object detection (version 4.0)](https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/concept-object-detection-40) - Bounding box-basert objektdeteksjon 4. [Image tagging with Image Analysis version 4.0](https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/concept-tag-images-40) - Tagging av tusenvis av objekter 5. [What's new in Azure Vision in Foundry Tools](https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/whats-new) - Florence integration (mars 2023), GA-lansering (november 2023) -6. [Transparency note: Image Analysis](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/computer-vision/image-analysis-transparency-note) - Florence foundation model, bounding boxes, confidence scores +6. [Transparency note: Image Analysis](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/computer-vision/image-analysis-transparency-note) - Florence foundation model, bounding boxes, confidence scores 7. [Call the Image Analysis 4.0 Analyze API (Python)](https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/how-to/call-analyze-image-40?pivots=programming-language-python) - SDK implementation 8. [Azure Image Analysis client library for Python](https://learn.microsoft.com/en-us/python/api/overview/azure/ai-vision-imageanalysis-readme) - Visual features, gender-neutral captions diff --git a/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-ocr-processing.md b/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-ocr-processing.md index f277b50..3721997 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-ocr-processing.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/azure-ai-vision-ocr-processing.md @@ -334,9 +334,9 @@ Kombiner OCR med LLM for intelligent dokumentforståelse: 3. **Call Azure Vision v3.2 GA Read API**: https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/how-to/call-read-api 4. **Quickstart: Azure Vision v3.2 GA Read (Python)**: https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/quickstarts-sdk/client-library 5. **Quickstart: Azure Vision v3.2 GA Read (REST API)**: https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/quickstarts-sdk/client-library -6. **Data, privacy, and security for OCR**: https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/computer-vision/ocr-data-privacy-security -7. **Transparency note and use cases for OCR**: https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/computer-vision/ocr-transparency-note -8. **Capabilities and limitations of OCR**: https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/computer-vision/ocr-characteristics-and-limitations +6. **Data, privacy, and security for OCR**: https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/computer-vision/ocr-data-privacy-security +7. **Transparency note and use cases for OCR**: https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/computer-vision/ocr-transparency-note +8. **Capabilities and limitations of OCR**: https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/computer-vision/ocr-characteristics-and-limitations 9. **Image Analysis cognitive skill (AI Search)**: https://learn.microsoft.com/en-us/azure/search/cognitive-search-skill-image-analysis 10. **Tutorial: Vision with Azure AI services (Synapse)**: https://learn.microsoft.com/en-us/azure/synapse-analytics/machine-learning/tutorial-computer-vision-use-mmlspark 11. **Azure Vision Image Analysis Python SDK**: https://learn.microsoft.com/en-us/python/api/overview/azure/ai-vision-imageanalysis-readme diff --git a/skills/ms-ai-engineering/references/azure-ai-services/content-understanding-multimodal-analysis.md b/skills/ms-ai-engineering/references/azure-ai-services/content-understanding-multimodal-analysis.md index 3a94387..76f87e9 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/content-understanding-multimodal-analysis.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/content-understanding-multimodal-analysis.md @@ -576,7 +576,7 @@ Content Understanding er en **Azure Foundry Tools** tjeneste, inkludert i: | Multimodal search (AI Search integration) | https://learn.microsoft.com/en-us/azure/search/multimodal-search-overview | Verified (Feb 2026) | | Azure AI Video Indexer insights overview | https://learn.microsoft.com/en-us/azure/azure-video-indexer/insights-overview | Verified (Feb 2026) | | Python SDK (ContentUnderstandingClient) | https://learn.microsoft.com/en-us/python/api/overview/azure/ai-contentunderstanding-readme | Verified (Feb 2026) | -| Data privacy and security | https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/content-understanding/data-privacy | Verified (Feb 2026) | +| Data privacy and security | https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/content-understanding/data-privacy | Verified (Feb 2026) | ### Baseline (modellkunnskap) diff --git a/skills/ms-ai-engineering/references/azure-ai-services/speech-services-speaker-recognition.md b/skills/ms-ai-engineering/references/azure-ai-services/speech-services-speaker-recognition.md index 2093a09..191864c 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/speech-services-speaker-recognition.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/speech-services-speaker-recognition.md @@ -474,7 +474,7 @@ Før du anbefaler Speaker Recognition: - Coverage: Feature overview, verification vs. identification, use cases 3. **Data Privacy and Security for Text-to-Speech** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/speech-service/text-to-speech/data-privacy-security + - URL: https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/speech-service/text-to-speech/data-privacy-security - Confidence: **Verified** (MCP fetch 2026-02-03) - Coverage: Speaker Verification for voice talent consent, voice signature processing, DPA compliance diff --git a/skills/ms-ai-engineering/references/azure-ai-services/speech-services-text-to-speech.md b/skills/ms-ai-engineering/references/azure-ai-services/speech-services-text-to-speech.md index 662c866..d7887f4 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/speech-services-text-to-speech.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/speech-services-text-to-speech.md @@ -495,7 +495,7 @@ Billable characters: `Hello, world!` = 13 tegn (ikke `` eller ``) | Customize voice and sound with SSML | ✅ Verified | https://learn.microsoft.com/en-us/azure/ai-services/speech-service/speech-synthesis-markup-voice | | How to synthesize speech from text | ✅ Verified | https://learn.microsoft.com/en-us/azure/ai-services/speech-service/how-to-speech-synthesis | | Text-to-Speech FAQ | ✅ Verified | https://learn.microsoft.com/en-us/azure/ai-services/speech-service/faq-tts | -| Transparency note for TTS | ✅ Verified | https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/speech-service/text-to-speech/transparency-note | +| Transparency note for TTS | ✅ Verified | https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/speech-service/text-to-speech/transparency-note | | Language support | ✅ Verified | https://learn.microsoft.com/en-us/azure/ai-services/speech-service/language-support?tabs=tts | | Speech service pricing | ✅ Verified | https://azure.microsoft.com/pricing/details/cognitive-services/speech-services/ | | Batch synthesis API | ✅ Verified | https://learn.microsoft.com/en-us/azure/ai-services/speech-service/batch-synthesis | diff --git a/skills/ms-ai-engineering/references/azure-ai-services/translator-document-translation.md b/skills/ms-ai-engineering/references/azure-ai-services/translator-document-translation.md index 55486b8..ade580b 100644 --- a/skills/ms-ai-engineering/references/azure-ai-services/translator-document-translation.md +++ b/skills/ms-ai-engineering/references/azure-ai-services/translator-document-translation.md @@ -329,7 +329,7 @@ General translation Domain-specific terms - Start med **Foundry (classic) portal** for manuell testing - Bruk **Single-file API** for prototyping (enklere enn Blob Storage) - Test med maksimalt 3 språkpar først -- Les [Transparency Note](https://learn.microsoft.com/azure/ai-foundry/responsible-ai/translator/transparency-note) for å forstå begrensninger +- Les [Transparency Note](https://learn.microsoft.com/azure/foundry/responsible-ai/translator/transparency-note) for å forstå begrensninger **Middels (har brukt Text Translation API):** - Migrer til **Batch Translation** for volum > 50 filer/dag @@ -369,7 +369,7 @@ General translation Domain-specific terms *Confidence: Verified (2026-02)* — Rate limits, request size limits 6. **Translator Transparency Note** - https://learn.microsoft.com/azure/ai-foundry/responsible-ai/translator/transparency-note + https://learn.microsoft.com/azure/foundry/responsible-ai/translator/transparency-note *Confidence: Verified (2026-02)* — AI-begrensninger, data privacy, responsible AI ### Konfidensnivå per seksjon diff --git a/skills/ms-ai-engineering/references/data-engineering/data-anonymization-privacy.md b/skills/ms-ai-engineering/references/data-engineering/data-anonymization-privacy.md index 7b4e379..6b52a91 100644 --- a/skills/ms-ai-engineering/references/data-engineering/data-anonymization-privacy.md +++ b/skills/ms-ai-engineering/references/data-engineering/data-anonymization-privacy.md @@ -549,11 +549,11 @@ def privacy_check_before_deployment(model_artifacts_path: str) -> dict: ## Referanser - [What is Azure Language PII detection?](https://learn.microsoft.com/en-us/azure/ai-services/language-service/personally-identifiable-information/overview) -- PII-deteksjon og maskering -- [PII filter in Azure AI Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-personal-information) -- PII-filtrering for LLM-er +- [PII filter in Azure AI Foundry](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-personal-information) -- PII-filtrering for LLM-er - [Responsible AI - Privacy and security](https://learn.microsoft.com/en-us/azure/machine-learning/concept-responsible-ai) -- SmartNoise og Counterfit - [Data privacy for cloud-scale analytics](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/cloud-scale-analytics/secure-data-privacy) -- Dataklassifisering og konfidensialitetsskjema - [PII entity categories](https://learn.microsoft.com/en-us/azure/ai-services/language-service/personally-identifiable-information/concepts/entity-categories) -- Alle stottede PII-kategorier -- [Transparency note for PII](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/language-service/transparency-note-personally-identifiable-information) -- Bruksomrader og begrensninger +- [Transparency note for PII](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/language-service/transparency-note-personally-identifiable-information) -- Bruksomrader og begrensninger - [Data governance with Microsoft Purview](https://learn.microsoft.com/en-us/purview/data-governance-master-data-management) -- Purview for dataklassifisering --- diff --git a/skills/ms-ai-engineering/references/data-engineering/data-quality-ai-frameworks.md b/skills/ms-ai-engineering/references/data-engineering/data-quality-ai-frameworks.md index 02d5d24..f3d10ae 100644 --- a/skills/ms-ai-engineering/references/data-engineering/data-quality-ai-frameworks.md +++ b/skills/ms-ai-engineering/references/data-engineering/data-quality-ai-frameworks.md @@ -550,7 +550,7 @@ def trigger_purview_profiling(data_asset_id, connection_id): ### Code samples (Microsoft Learn) - **Azure ML fine-tuning job with validation data** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/fine-tune-serverless + https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/fine-tune-serverless Python SDK sample for creating validation dataset asset. - **AutoML training/validation MLTable inputs** diff --git a/skills/ms-ai-engineering/references/data-engineering/synthetic-data-generation.md b/skills/ms-ai-engineering/references/data-engineering/synthetic-data-generation.md index 7422417..e46c136 100644 --- a/skills/ms-ai-engineering/references/data-engineering/synthetic-data-generation.md +++ b/skills/ms-ai-engineering/references/data-engineering/synthetic-data-generation.md @@ -408,11 +408,11 @@ for metric, result in validation.items(): ## Referanser -- [Generate synthetic and simulated data for evaluation](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/simulator-interaction-data) -- Azure AI Evaluation Simulator -- [Generate synthetic data for fine-tuning in Microsoft Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/fine-tuning/data-generation) -- Foundry syntetisk data UI +- [Generate synthetic and simulated data for evaluation](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/simulator-interaction-data) -- Azure AI Evaluation Simulator +- [Generate synthetic data for fine-tuning in Microsoft Foundry](https://learn.microsoft.com/en-us/azure/foundry/fine-tuning/data-generation) -- Foundry syntetisk data UI - [Design training data for AI workloads on Azure](https://learn.microsoft.com/en-us/azure/well-architected/ai/training-data-design) -- Well-Architected Framework for treningsdata - [Azure OpenAI for big data](https://learn.microsoft.com/en-us/fabric/data-science/open-ai) -- SynapseML + OpenAI på Fabric -- [Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data) -- RAG for datagenerering +- [Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data) -- RAG for datagenerering --- diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/feedback-loops-continuous-improvement.md b/skills/ms-ai-engineering/references/mlops-genaiops/feedback-loops-continuous-improvement.md index 9e09dcc..9da52e5 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/feedback-loops-continuous-improvement.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/feedback-loops-continuous-improvement.md @@ -715,7 +715,7 @@ mlflow.log_param("user_id_hash", user_id_hash) # Logged 1. [MLflow for GenAI Apps and Agents - Continuous Improvement Cycle](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/overview/) (Verified MCP 2026-04 — updated 10-step cycle; new: Trace UI for pattern identification, evaluation harness, version/prompt management tracking) 2. [Machine Learning Operations v2 - Monitoring & Feedback](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/machine-learning-operations-v2) 3. [Generative AI App Developer Workflow - Production Monitoring](https://learn.microsoft.com/en-us/azure/databricks/generative-ai/tutorials/ai-cookbook/genai-developer-workflow) -4. [Azure AI Foundry - Observability in Generative AI](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability) +4. [Azure AI Foundry - Observability in Generative AI](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability) 5. [MLOps and GenAIOps for AI Workloads - Model Maintenance](https://learn.microsoft.com/en-us/azure/well-architected/ai/mlops-genaiops#model-maintenance) 6. [AI Builder - Continuously Improve Your Model (Feedback Loop)](https://learn.microsoft.com/en-us/ai-builder/feedback-loop) diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md b/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md index 7a7ead6..29b0688 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md @@ -350,7 +350,7 @@ MLflow Tracing provides end-to-end observability for GenAI applications: 8. [Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/python/api/overview/azure/ai-evaluation-readme) 9. [Mosaic AI capabilities for GenAI](https://learn.microsoft.com/en-us/azure/databricks/generative-ai/guide/mosaic-ai-gen-ai-capabilities) 10. [MLflow Prompt Registry](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/prompt-version-mgmt/prompt-registry/) -11. [Azure AI Foundry monitoring](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/monitor-quality-safety) +11. [Azure AI Foundry monitoring](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/monitor-quality-safety) 12. [MLflow Tracing for GenAI](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/tracing/) 13. [GenAI app developer workflow](https://learn.microsoft.com/en-us/azure/databricks/generative-ai/tutorials/ai-cookbook/genai-developer-workflow) 14. [Plan and prepare a GenAIOps solution (Microsoft Learn Training)](https://learn.microsoft.com/en-us/training/modules/plan-prepare-genaiops/) diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/governance-audit-ml-operations.md b/skills/ms-ai-engineering/references/mlops-genaiops/governance-audit-ml-operations.md index 5aaf168..cbb5694 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/governance-audit-ml-operations.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/governance-audit-ml-operations.md @@ -104,7 +104,7 @@ Azure Policy lar deg definere *guardrails* for hvilke modeller som kan deployes, **Kilder:** - [Audit and manage Azure Machine Learning with Azure Policy](https://learn.microsoft.com/en-us/azure/machine-learning/how-to-integrate-azure-policy?view=azureml-api-2) -- [Azure AI Foundry built-in policies](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/azure-policy) +- [Azure AI Foundry built-in policies](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/azure-policy) - [Govern Azure platform services (PaaS) for AI](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/platform/governance) --- diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/inferencing-optimization-caching.md b/skills/ms-ai-engineering/references/mlops-genaiops/inferencing-optimization-caching.md index 9fdaaa6..8ee8037 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/inferencing-optimization-caching.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/inferencing-optimization-caching.md @@ -953,7 +953,7 @@ Diagnostikk: *Verifisert: 2026-02-04* — Komplett guide til ONNX Runtime, model conversion, deployment 2. **Prompt Caching (Azure OpenAI)** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/prompt-caching?view=foundry-classic + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/prompt-caching?view=foundry-classic *Verifisert: 2026-02-04* — Official docs for prompt caching, supported models, pricing 3. **Application Design for AI Workloads on Azure** diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md b/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md index 008c95a..f6660ad 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/llm-evaluation-production.md @@ -1053,16 +1053,16 @@ Production evaluation er ikke komplett uten human review loop. Anbefal: ### Primærkilder (Official Microsoft Documentation) 1. **Azure AI Foundry Evaluation SDK:** - [Evaluate your generative AI application locally with the Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/evaluate-sdk) – Comprehensive guide til local og cloud evaluation + [Evaluate your generative AI application locally with the Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/evaluate-sdk) – Comprehensive guide til local og cloud evaluation 2. **Continuous Evaluation for Agents:** - [Continuously evaluate your AI agents (preview)](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/continuous-evaluation-agents) – Production monitoring architecture og SDK examples + [Continuously evaluate your AI agents (preview)](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/continuous-evaluation-agents) – Production monitoring architecture og SDK examples 3. **MLflow 3 Evaluation & Monitoring:** [Evaluate and monitor AI agents - Azure Databricks](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/eval-monitor/) – MLflow 3 evaluation harness og production scorers 4. **Observability Overview:** - [Observability in generative AI - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability) – High-level GenAIOps lifecycle og evaluator taxonomy + [Observability in generative AI - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability) – High-level GenAIOps lifecycle og evaluator taxonomy 5. **Model Monitoring for Generative AI:** [Model monitoring for generative AI applications (preview)](https://learn.microsoft.com/en-us/azure/machine-learning/prompt-flow/how-to-monitor-generative-ai-applications) – Azure ML Prompt Flow monitoring approach @@ -1071,7 +1071,7 @@ Production evaluation er ikke komplett uten human review loop. Anbefal: [Azure AI Evaluation client library for Python](https://learn.microsoft.com/en-us/python/api/overview/azure/ai-evaluation-readme) – API docs for all built-in evaluators 7. **Agent Monitoring Dashboard:** - [Monitor agents with the Agent Monitoring Dashboard (preview)](https://learn.microsoft.com/en-us/azure/ai-foundry/observability/how-to/how-to-monitor-agents-dashboard) – Setup guide for continuous evaluation in Foundry portal + [Monitor agents with the Agent Monitoring Dashboard (preview)](https://learn.microsoft.com/en-us/azure/foundry/observability/how-to/how-to-monitor-agents-dashboard) – Setup guide for continuous evaluation in Foundry portal ### Sekundærkilder (Community & Research) diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/model-evaluation-frameworks.md b/skills/ms-ai-engineering/references/mlops-genaiops/model-evaluation-frameworks.md index c7de82f..6722288 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/model-evaluation-frameworks.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/model-evaluation-frameworks.md @@ -473,15 +473,15 @@ Hvis du kjører massive evalueringer (100K+ samples), vurder PTU for judge model ## Kilder og verifisering ### Microsoft Learn (Verified via MCP) -1. [Evaluate generative AI models and applications by using Microsoft Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluate-generative-ai-app?view=foundry-classic) — **Verified** — Komplett guide til Foundry UI evaluations, metrics, data mapping. +1. [Evaluate generative AI models and applications by using Microsoft Foundry](https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluate-generative-ai-app?view=foundry-classic) — **Verified** — Komplett guide til Foundry UI evaluations, metrics, data mapping. 2. [Evaluation flows and metrics (Azure ML Prompt Flow)](https://learn.microsoft.com/en-us/azure/machine-learning/prompt-flow/how-to-develop-an-evaluation-flow?view=azureml-api-2) — **Verified** — Custom evaluation flows, aggregation nodes. 3. [MLflow 3 Evaluation and Monitoring](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/eval-monitor/) — **Verified** — LLM judges, scorers, production monitoring. 4. [Large language model end-to-end evaluation](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-llm-evaluation-phase) — **Verified** — RAG-specific metrics (utilization, completeness, relevance). 5. [Azure AI Evaluation SDK Overview](https://learn.microsoft.com/en-us/python/api/overview/azure/ai-evaluation-readme?view=azure-python) — **Verified** — Python SDK examples, evaluator initialization. 6. [Test and evaluate AI workloads on Azure](https://learn.microsoft.com/en-us/azure/well-architected/ai/test) — **Verified** — Quality metrics, testing vs. evaluation, baselining strategy. -7. [Observability in generative AI](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability) — **Verified** — Three-stage evaluation (base model selection, pre-production, production). -8. [Azure OpenAI Evaluation API](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/evaluations?view=foundry-classic) — **Verified** — REST API, testing criteria, grading process. -9. [GitHub Action for Evaluation](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluation-github-action?view=foundry-classic) — **Verified** — CI/CD integration. +7. [Observability in generative AI](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability) — **Verified** — Three-stage evaluation (base model selection, pre-production, production). +8. [Azure OpenAI Evaluation API](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/evaluations?view=foundry-classic) — **Verified** — REST API, testing criteria, grading process. +9. [GitHub Action for Evaluation](https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluation-github-action?view=foundry-classic) — **Verified** — CI/CD integration. 10. [Scorers and LLM judges (MLflow 3)](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/eval-monitor/concepts/scorers) — **Verified** — Judge models, accuracy validation, partner-powered AI disclaimers. ### Confidence per seksjon diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/model-versioning-registry-management.md b/skills/ms-ai-engineering/references/mlops-genaiops/model-versioning-registry-management.md index d2e91d4..7d3add3 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/model-versioning-registry-management.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/model-versioning-registry-management.md @@ -541,7 +541,7 @@ az ml model list --registry-name my-registry --query "[?created<'$cutoff_date']. - Coverage: CI/CD integration, Azure Pipelines, MLOps automation 6. **Explore Microsoft Foundry Models** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/foundry-models-overview?view=foundry-classic + - URL: https://learn.microsoft.com/en-us/azure/foundry-classic/concepts/foundry-models-overview?view=foundry-classic - Confidence: **Verified** (MCP search results, Feb 2026) - Coverage: Model catalog, deployment options, Azure AI Foundry integration diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md b/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md index c8fcb55..178d629 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md @@ -647,9 +647,9 @@ Er dette første gang kunden deployer LLM-basert app? ## Kilder og verifisering **Microsoft Learn Dokumentasjon:** -1. [Deploy a flow for real-time inference (Azure AI Foundry)](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/flow-deploy?view=foundry-classic) – Offisiell guide for deployment via portal +1. [Deploy a flow for real-time inference (Azure AI Foundry)](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/flow-deploy?view=foundry-classic) – Offisiell guide for deployment via portal 2. [GenAIOps with Prompt Flow and GitHub](https://learn.microsoft.com/en-us/azure/machine-learning/prompt-flow/how-to-end-to-end-llmops-with-prompt-flow?view=azureml-api-2) – CI/CD pipeline patterns og lifecycle management -3. [Enable tracing and collect feedback for a flow deployment](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/trace-production-sdk?view=foundry-classic) – Application Insights integration og metrics +3. [Enable tracing and collect feedback for a flow deployment](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/trace-production-sdk?view=foundry-classic) – Application Insights integration og metrics 4. [Deploy a flow to online endpoint with CLI/SDK](https://learn.microsoft.com/en-us/azure/machine-learning/prompt-flow/how-to-deploy-to-code?view=azureml-api-2) – Advanced deployment configuration (concurrency, FastAPI, etc.) 5. [Integrate Prompt Flow with DevOps](https://learn.microsoft.com/en-us/azure/machine-learning/prompt-flow/how-to-integrate-with-llm-app-devops?view=azureml-api-2) – Local-to-cloud development workflow diff --git a/skills/ms-ai-engineering/references/rag-architecture/citation-tracking.md b/skills/ms-ai-engineering/references/rag-architecture/citation-tracking.md index ff9d460..019b2db 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/citation-tracking.md +++ b/skills/ms-ai-engineering/references/rag-architecture/citation-tracking.md @@ -284,9 +284,9 @@ result = groundedness_eval( ### Verified (MCP-research) - [RAG overview in Azure AI Search](https://learn.microsoft.com/en-us/azure/search/retrieval-augmented-generation-overview) - [Agentic retrieval overview](https://learn.microsoft.com/en-us/azure/search/agentic-retrieval-overview) -- [Transparency note for Azure AI Search](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/search/transparency-note) +- [Transparency note for Azure AI Search](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/search/transparency-note) - [Grounding data design](https://learn.microsoft.com/en-us/azure/well-architected/ai/grounding-data-design) -- [Azure AI Foundry agents - AI Search tools](https://learn.microsoft.com/en-us/azure/ai-foundry/agents/how-to/tools/ai-search) +- [Azure AI Foundry agents - AI Search tools](https://learn.microsoft.com/en-us/azure/foundry/agents/how-to/tools/ai-search) ### Baseline (modellkunnskap) - Norsk lovgivning (Forvaltningsloven, Offentleglova, Arkivloven) diff --git a/skills/ms-ai-engineering/references/rag-architecture/graphrag-knowledge-graphs.md b/skills/ms-ai-engineering/references/rag-architecture/graphrag-knowledge-graphs.md index d3af6c7..f8778ed 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/graphrag-knowledge-graphs.md +++ b/skills/ms-ai-engineering/references/rag-architecture/graphrag-knowledge-graphs.md @@ -280,7 +280,7 @@ GraphRAG introduserer spesifikke personvernrisiki i offentlig sektor: | CosmosAIGraph arkitektur | https://learn.microsoft.com/en-us/azure/cosmos-db/gen-ai/cosmos-ai-graph | ✅ Verified (2026-02) | | Graph semantics i KQL | https://learn.microsoft.com/en-us/kusto/query/graph-semantics-overview | ✅ Verified (2026-02) | | Entity Recognition skill (v3) | https://learn.microsoft.com/en-us/azure/search/cognitive-search-skill-entity-recognition-v3 | ✅ Verified (2026-02) | -| Azure AI Search transparency note | https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/search/transparency-note | ✅ Verified (2026-02) | +| Azure AI Search transparency note | https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/search/transparency-note | ✅ Verified (2026-02) | | RAG solution design guide | https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-solution-design-and-evaluation-guide | ✅ Verified (2026-02) | | Labeled Property Graphs (LPG) | https://learn.microsoft.com/en-us/fabric/graph/graph-data-models | ✅ Verified (2026-02) | diff --git a/skills/ms-ai-engineering/references/rag-architecture/late-chunking-patterns.md b/skills/ms-ai-engineering/references/rag-architecture/late-chunking-patterns.md index 8f0452a..0504a39 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/late-chunking-patterns.md +++ b/skills/ms-ai-engineering/references/rag-architecture/late-chunking-patterns.md @@ -244,5 +244,5 @@ for i, chunk in enumerate(chunks): | arXiv:2409.04701 (forskningspaper) | **Verified** | [arxiv.org](https://arxiv.org/abs/2409.04701) | | Jina Embeddings on Azure Marketplace | **Verified** | [azuremarketplace.microsoft.com](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/jinaai.jina-embeddings-v4) | | Jina Embeddings v3 announcement | **Verified** | [jina.ai](https://jina.ai/news/jina-embeddings-v3-a-frontier-multilingual-embedding-model/) | -| Azure OpenAI Embeddings | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/tutorials/embeddings) | +| Azure OpenAI Embeddings | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/en-us/azure/foundry/openai/tutorials/embeddings) | | Late Chunking tutorial (DataCamp) | **Baseline** | [datacamp.com](https://www.datacamp.com/tutorial/late-chunking) | diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-context-windows.md b/skills/ms-ai-engineering/references/rag-architecture/rag-context-windows.md index 4d56c38..8d44c45 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-context-windows.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-context-windows.md @@ -388,7 +388,7 @@ Hvis du har 10,000 queries per måned: **11,300 NOK/måned** (kun LLM-kostnad, i ### Microsoft Learn (Verified via MCP) 1. **Azure OpenAI Assistants API — Context Window Management** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/assistants#context-window-management + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/assistants#context-window-management *Dekning: max_prompt_tokens, max_completion_tokens, truncation strategy, File Search recommendations* **Confidence: Verified** @@ -398,12 +398,12 @@ Hvis du har 10,000 queries per måned: **11,300 NOK/måned** (kun LLM-kostnad, i **Confidence: Verified** 3. **Azure OpenAI in Microsoft Foundry Models — Quotas and Limits** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/quotas-limits + https://learn.microsoft.com/en-us/azure/foundry/openai/quotas-limits *Dekning: TPM limits per model, context window sizes, rate limits* **Confidence: Verified** 4. **Azure OpenAI On Your Data — Token Usage Estimation** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data *Dekning: Intent prompt vs. generation prompt token breakdown, RAG pipeline token costs* **Confidence: Verified** @@ -413,12 +413,12 @@ Hvis du har 10,000 queries per måned: **11,300 NOK/måned** (kun LLM-kostnad, i **Confidence: Verified** 6. **Chat Markup Language ChatML — Managing Conversations** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chat-markup-language#preventing-unsafe-user-inputs + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/responses#preventing-unsafe-user-inputs *Dekning: Token counting med tiktoken, conversation history truncation* **Confidence: Verified** 7. **Code Sample: Token Counting with tiktoken (Python)** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chatgpt + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/chatgpt *Dekning: Praktisk implementasjon av token management i conversation loops* **Confidence: Verified** diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-cost-optimization.md b/skills/ms-ai-engineering/references/rag-architecture/rag-cost-optimization.md index a544d04..2c9eb83 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-cost-optimization.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-cost-optimization.md @@ -501,15 +501,15 @@ Metrics: - [Vector compression best practices](https://techcommunity.microsoft.com/blog/azure-ai-services-blog/azure-ai-search-cut-vector-costs-up-to-92-5-with-new-compression-techniques/4404866) — *Verified: Compression techniques (92.5% reduction)* **Azure OpenAI Cost Management:** -- [Plan and manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs) — *Verified: Token-based billing, fine-tuning costs* -- [Azure OpenAI Batch API](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch) — *Verified: 50% cost reduction for batch workloads* -- [Fine-tuning cost management](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/fine-tuning-cost-management) — *Verified: Hosting + inference + training costs* +- [Plan and manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs) — *Verified: Token-based billing, fine-tuning costs* +- [Azure OpenAI Batch API](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch) — *Verified: 50% cost reduction for batch workloads* +- [Fine-tuning cost management](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/fine-tuning-cost-management) — *Verified: Hosting + inference + training costs* **RAG Architecture & Optimization:** - [RAG design and evaluation guide](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-solution-design-and-evaluation-guide) — *Verified: End-to-end RAG considerations* - [RAG chunking economics](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-chunking-phase#understand-chunking-economics) — *Verified: Chunking cost optimization* - [RAG embedding economics](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-generate-embeddings#understand-embedding-economics) — *Verified: Embedding model selection trade-offs* -- [Retrieval cost and latency considerations](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/retrieval-augmented-generation#cost-and-latency-considerations) — *Verified: Query cost analysis* +- [Retrieval cost and latency considerations](https://learn.microsoft.com/en-us/azure/foundry/concepts/retrieval-augmented-generation#cost-and-latency-considerations) — *Verified: Query cost analysis* **Cloud Adoption Framework:** - [Manage AI costs](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/manage#manage-ai-costs) — *Verified: Enterprise cost governance* diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md b/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md index 5d066e8..b8e78c0 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md @@ -311,11 +311,11 @@ Bruk `mlflow.log_feedback()` med `AssessmentSourceType.HUMAN` for å logge menne ## Kilder og verifisering ### Verified (MCP-research) -- [Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/evaluate-sdk) +- [Azure AI Evaluation SDK](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/evaluate-sdk) - [RAG LLM Evaluation Phase](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-llm-evaluation-phase) - [RAG Solution Design Guide](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-solution-design-and-evaluation-guide) -- [Built-in RAG Evaluators](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/evaluation-evaluators/rag-evaluators) -- [Azure AI Foundry Observability](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability) +- [Built-in RAG Evaluators](https://learn.microsoft.com/en-us/azure/foundry/concepts/evaluation-evaluators/rag-evaluators) +- [Azure AI Foundry Observability](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability) - [RAG Experiment Accelerator](https://github.com/microsoft/rag-experiment-accelerator) ### Baseline (modellkunnskap) diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-hallucination-mitigation.md b/skills/ms-ai-engineering/references/rag-architecture/rag-hallucination-mitigation.md index 1830976..4900ffe 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-hallucination-mitigation.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-hallucination-mitigation.md @@ -385,9 +385,9 @@ Hvis AI-systemet gir feil informasjon som fører til skade: **Microsoft Learn (Verified via MCP):** - [Groundedness Detection Concepts](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/concepts/groundedness) — **Verified** - [Groundedness Detection Quickstart](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/quickstart-groundedness) — **Verified** -- [Groundedness Detection Filter](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-groundedness) — **Verified** -- [Prompt Engineering Techniques](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering) — **Verified** -- [Transparency Note: Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note) — **Verified** +- [Groundedness Detection Filter](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-groundedness) — **Verified** +- [Prompt Engineering Techniques](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering) — **Verified** +- [Transparency Note: Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note) — **Verified** - [RAG Solution Design Guide](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-solution-design-and-evaluation-guide) — **Verified** - [Secure Multitenant RAG](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/secure-multitenant-rag) — **Verified** diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-iterative-refinement.md b/skills/ms-ai-engineering/references/rag-architecture/rag-iterative-refinement.md index 8e18e04..e13b5dc 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-iterative-refinement.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-iterative-refinement.md @@ -418,7 +418,7 @@ public async Task ApplyRetentionPolicyAsync() | [Multi-turn conversations with an agent](https://learn.microsoft.com/en-us/agent-framework/tutorials/agents/multi-turn-conversation) | Agent Framework session management | **Verified** | | [Chat history (Semantic Kernel)](https://learn.microsoft.com/en-us/semantic-kernel/concepts/ai-services/chat-completion/chat-history) | ChatHistory API, reduction strategies | **Verified** | | [Using memory with Agents](https://learn.microsoft.com/en-us/semantic-kernel/frameworks/agent/agent-memory) | Whiteboard memory, memory providers | **Verified** | -| [Use the Azure OpenAI web app](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/use-web-app) | Cosmos DB chat history enablement | **Verified** | +| [Use the Azure OpenAI web app](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/use-web-app) | Cosmos DB chat history enablement | **Verified** | | [RAG with Azure DocumentDB](https://learn.microsoft.com/en-us/azure/documentdb/rag) | History-aware retrieval chains | **Verified** | | [Storing Chat History in 3rd Party Storage](https://learn.microsoft.com/en-us/agent-framework/tutorials/agents/third-party-chat-history-storage) | Custom ChatHistoryProvider | **Verified** | | [IChatClient documentation](https://learn.microsoft.com/en-us/dotnet/ai/ichatclient) | Stateless vs stateful clients | **Verified** | diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-security-rbac.md b/skills/ms-ai-engineering/references/rag-architecture/rag-security-rbac.md index 20347dc..64900a8 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-security-rbac.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-security-rbac.md @@ -473,7 +473,7 @@ Authorization: Bearer - Dekning: Hierarchical permissions, POSIX-like ACLs, indexer configuration 5. **Azure OpenAI On Your Data - Document-level access control** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/on-your-data-configuration#document-level-access-control + - URL: https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/on-your-data-configuration#document-level-access-control - Confidence: **Verified** (MCP-search 2026-02) - Dekning: RAG integration, filter parameter, group_ids field mapping @@ -493,7 +493,7 @@ Authorization: Bearer - Dekning: RAG challenges, security & governance 9. **Retrieval augmented generation (RAG) and indexes (AI Foundry)** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/retrieval-augmented-generation?view=foundry-classic + - URL: https://learn.microsoft.com/en-us/azure/foundry/concepts/retrieval-augmented-generation?view=foundry-classic - Confidence: **Verified** (MCP-search 2026-02) - Dekning: Security considerations, access control at retrieval time diff --git a/skills/ms-ai-engineering/references/rag-architecture/self-reflective-rag.md b/skills/ms-ai-engineering/references/rag-architecture/self-reflective-rag.md index 13b6642..4b8bbd2 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/self-reflective-rag.md +++ b/skills/ms-ai-engineering/references/rag-architecture/self-reflective-rag.md @@ -265,7 +265,7 @@ Hvis self-reflective RAG reduserer feilaktige svar fra 15% til 5%: | Kilde | Konfidens | URL | |-------|-----------|-----| -| RAG Evaluators (Azure AI Foundry) | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/evaluation-evaluators/rag-evaluators) | +| RAG Evaluators (Azure AI Foundry) | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/en-us/azure/foundry/concepts/evaluation-evaluators/rag-evaluators) | | RAG LLM Evaluation Phase | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-llm-evaluation-phase) | | Semantic Kernel Agent RAG | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/en-us/semantic-kernel/frameworks/agent/agent-rag) | | Corrective RAG (CRAG) paper | **Verified** | [arxiv.org](https://arxiv.org/abs/2401.15884) | diff --git a/skills/ms-ai-engineering/references/rag-architecture/streaming-rag-responses.md b/skills/ms-ai-engineering/references/rag-architecture/streaming-rag-responses.md index 6c58b4b..1d4c2b2 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/streaming-rag-responses.md +++ b/skills/ms-ai-engineering/references/rag-architecture/streaming-rag-responses.md @@ -407,11 +407,11 @@ Ved bruk av streaming med `code_interpreter` tool: ### Verified (fra MCP microsoft-learn) -- Azure OpenAI Responses API streaming: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/responses (Verified: 2026-02) +- Azure OpenAI Responses API streaming: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/responses (Verified: 2026-02) - Semantic Kernel Agent streaming: https://learn.microsoft.com/en-us/semantic-kernel/frameworks/agent/agent-streaming (Verified: 2026-02) - SSE med Application Gateway: https://learn.microsoft.com/en-us/azure/application-gateway/use-server-sent-events (Verified: 2026-02) -- Azure OpenAI REST API reference: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/reference (Verified: 2026-02) -- Chat Completions API streaming: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/reference#chat-completions (Verified: 2026-02) +- Azure OpenAI REST API reference: https://learn.microsoft.com/en-us/azure/foundry/openai/reference (Verified: 2026-02) +- Chat Completions API streaming: https://learn.microsoft.com/en-us/azure/foundry/openai/reference#chat-completions (Verified: 2026-02) ### Baseline (modellkunnskap) diff --git a/skills/ms-ai-governance/references/monitoring-observability/compliance-monitoring-ai-governance.md b/skills/ms-ai-governance/references/monitoring-observability/compliance-monitoring-ai-governance.md index 441bef3..432a942 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/compliance-monitoring-ai-governance.md +++ b/skills/ms-ai-governance/references/monitoring-observability/compliance-monitoring-ai-governance.md @@ -478,13 +478,13 @@ AppMetrics **Azure Policy & monitoring:** - [Azure Policy Regulatory Compliance controls for Azure AI Search](https://learn.microsoft.com/en-us/azure/search/security-controls-policy) — Verified 2026-02 -- [Control AI model deployment with built-in policies in Microsoft Foundry portal](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/built-in-policy-model-deployment) — Verified 2026-02 +- [Control AI model deployment with built-in policies in Microsoft Foundry portal](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/built-in-policy-model-deployment) — Verified 2026-02 - [AI gateway in Azure API Management (Observability and governance)](https://learn.microsoft.com/en-us/azure/api-management/genai-gateway-capabilities#observability-and-governance) — Verified 2026-02 **Security & observability:** - [Assess your organization's AI risk with Microsoft Security Dashboard for AI (Preview)](https://learn.microsoft.com/en-us/security/security-for-ai/security-dashboard-for-ai) — Verified 2026-02 - [Governance and security for AI agents across the organization](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ai-agents/governance-security-across-organization) — Verified 2026-02 -- [Monitor Azure OpenAI (Dashboards)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) — Verified 2026-02 +- [Monitor Azure OpenAI (Dashboards)](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) — Verified 2026-02 ### Konfidensnivå per seksjon diff --git a/skills/ms-ai-governance/references/monitoring-observability/cost-monitoring-cost-attribution.md b/skills/ms-ai-governance/references/monitoring-observability/cost-monitoring-cost-attribution.md index cbfe49a..4181e0a 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/cost-monitoring-cost-attribution.md +++ b/skills/ms-ai-governance/references/monitoring-observability/cost-monitoring-cost-attribution.md @@ -439,7 +439,7 @@ if ($metrics.Data.Total -eq 0) { ### Kilder (Microsoft Learn) 1. **Plan to manage costs for Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs + https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs *Konfidensgrad: Verified* – Komplett guide for cost management (budgets, alerts, export) 2. **Azure OpenAI in Foundry Models gateway monitoring** *(Verified MCP 2026-04)* @@ -455,7 +455,7 @@ if ($metrics.Data.Total -eq 0) { *Konfidensgrad: Verified* – Best practices for TPM/RPM monitoring, commitment billing 5. **Plan and manage costs for Azure AI Foundry** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/manage-costs + https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs *Konfidensgrad: Verified* – Marketplace models, fine-tuning costs, HTTP error billing 6. **Azure Cost Management API (Python SDK)** diff --git a/skills/ms-ai-governance/references/monitoring-observability/custom-dashboards-ai-operations.md b/skills/ms-ai-governance/references/monitoring-observability/custom-dashboards-ai-operations.md index 18dfed9..7852173 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/custom-dashboards-ai-operations.md +++ b/skills/ms-ai-governance/references/monitoring-observability/custom-dashboards-ai-operations.md @@ -483,7 +483,7 @@ Når kunden spør om dashboards for AI operations: ### Microsoft Learn - [Azure Workbooks overview](https://learn.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-overview) - [Create an Azure AI Foundry dashboard](https://learn.microsoft.com/en-us/azure/managed-grafana/azure-ai-foundry-dashboard) -- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) +- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) - [Workbooks programmatic management](https://learn.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-automate) *(Verified MCP 2026-04)* — ARM/Bicep deployment, RBAC (Monitoring Contributor for redigering, Monitoring Reader for visning), `microsoft.insights/workbooks/write` for custom roles - [Power BI + Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-powerbi) diff --git a/skills/ms-ai-governance/references/monitoring-observability/endpoint-health-and-capacity-planning.md b/skills/ms-ai-governance/references/monitoring-observability/endpoint-health-and-capacity-planning.md index 0dcb690..87fa8aa 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/endpoint-health-and-capacity-planning.md +++ b/skills/ms-ai-governance/references/monitoring-observability/endpoint-health-and-capacity-planning.md @@ -587,19 +587,19 @@ az role assignment create \ ### Microsoft Learn (Verified via MCP) 1. **Monitor Azure OpenAI:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai *Confidence: Verified* — Komplett guide til diagnostics, metrics, alerts, og KQL-queries 2. **Manage Azure OpenAI quota:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/quota + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/quota *Confidence: Verified* — TPM/RPM-allokering, quota requests, 429-feilhåndtering 3. **Azure OpenAI quotas and limits:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/quotas-limits + https://learn.microsoft.com/en-us/azure/foundry/openai/quotas-limits *Confidence: Verified* — Rate limits per modell, Usage tiers, regional constraints 4. **Dynamic quota (Preview):** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/dynamic-quota + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/dynamic-quota *Confidence: Verified* — Opportunistic burst-kapasitet for Standard deployments 5. **Supported metrics for Microsoft.CognitiveServices/accounts:** diff --git a/skills/ms-ai-governance/references/monitoring-observability/log-analytics-kql-ai-queries.md b/skills/ms-ai-governance/references/monitoring-observability/log-analytics-kql-ai-queries.md index 1ae108c..80503b0 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/log-analytics-kql-ai-queries.md +++ b/skills/ms-ai-governance/references/monitoring-observability/log-analytics-kql-ai-queries.md @@ -723,7 +723,7 @@ AzureDiagnostics - **KQL Quick Reference:** [learn.microsoft.com/kusto/query/kql-quick-reference](https://learn.microsoft.com/en-us/kusto/query/kql-quick-reference) - **Azure Monitor KQL Samples:** [learn.microsoft.com/azure/azure-monitor/logs/queries](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/queries) -- **Azure OpenAI Monitoring:** [learn.microsoft.com/azure/ai-foundry/openai/how-to/monitor-openai](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) +- **Azure OpenAI Monitoring:** [learn.microsoft.com/azure/foundry-classic/openai/how-to/monitor-openai](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) - **Optimize Log Queries:** [learn.microsoft.com/azure/azure-monitor/logs/query-optimization](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/query-optimization) ## Nøkkelinnsikter @@ -743,7 +743,7 @@ AzureDiagnostics ## Referanser -- Microsoft Learn: [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) +- Microsoft Learn: [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) - Microsoft Learn: [Get started with log queries in Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/get-started-queries) - Microsoft Learn: [Optimize log queries in Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/query-optimization) *(Verified MCP 2026-04)* - Microsoft Learn: [Configure diagnostic logging for Azure AI Search](https://learn.microsoft.com/en-us/azure/search/search-monitor-enable-logging) diff --git a/skills/ms-ai-governance/references/monitoring-observability/model-performance-drift-detection.md b/skills/ms-ai-governance/references/monitoring-observability/model-performance-drift-detection.md index 0b9684e..f2ae3de 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/model-performance-drift-detection.md +++ b/skills/ms-ai-governance/references/monitoring-observability/model-performance-drift-detection.md @@ -377,8 +377,8 @@ Model monitoring er inkludert i Azure Machine Learning workspace, men du betaler - [Azure Machine Learning model monitoring (concept)](https://learn.microsoft.com/en-us/azure/machine-learning/concept-model-monitoring?view=azureml-api-2) — **Verified** (fetched 2026-02) - [Monitor performance of models deployed to production](https://learn.microsoft.com/en-us/azure/machine-learning/how-to-monitor-model-performance?view=azureml-api-2) — **Verified** (fetched 2026-02) - [Data drift monitoring (legacy, retiring)](https://learn.microsoft.com/en-us/azure/machine-learning/how-to-monitor-datasets?view=azureml-api-1) — **Verified** (fetched 2026-02, kontext: migrering til Model Monitor) -- [Evaluate generative AI models (Azure AI Foundry)](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluate-generative-ai-app?view=foundry-classic) — **Verified** (fetched 2026-02) -- [Observability in generative AI (Azure AI Foundry)](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability?view=foundry-classic) — **Verified** (fetched 2026-02) +- [Evaluate generative AI models (Azure AI Foundry)](https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluate-generative-ai-app?view=foundry-classic) — **Verified** (fetched 2026-02) +- [Observability in generative AI (Azure AI Foundry)](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability?view=foundry-classic) — **Verified** (fetched 2026-02) - [Test and evaluate AI workloads on Azure](https://learn.microsoft.com/en-us/azure/well-architected/ai/test) — **Verified** (fetched 2026-02) ### Baseline (Model knowledge) diff --git a/skills/ms-ai-governance/references/monitoring-observability/real-time-streaming-monitoring.md b/skills/ms-ai-governance/references/monitoring-observability/real-time-streaming-monitoring.md index 0191a8e..ddabf53 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/real-time-streaming-monitoring.md +++ b/skills/ms-ai-governance/references/monitoring-observability/real-time-streaming-monitoring.md @@ -525,7 +525,7 @@ Real-Time Dashboard er IKKE erstatning for data warehouse. Bruk for operational **Confidence:** Verified (Feb 2026) - Real-time architecture patterns 7. **Observability in generative AI** - https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability + https://learn.microsoft.com/en-us/azure/foundry/concepts/observability **Confidence:** Verified (Feb 2026) - AI Foundry monitoring integration 8. **Implement advanced monitoring for Azure OpenAI in Foundry Models through a gateway** diff --git a/skills/ms-ai-governance/references/monitoring-observability/response-quality-metrics-rag.md b/skills/ms-ai-governance/references/monitoring-observability/response-quality-metrics-rag.md index 88494a0..34e426f 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/response-quality-metrics-rag.md +++ b/skills/ms-ai-governance/references/monitoring-observability/response-quality-metrics-rag.md @@ -591,14 +591,14 @@ PTU equivalent: ~300 PTUs @ $6/PTU = $1800/måned ### Microsoft Learn (Verified via MCP) -1. [Observability in generative AI - What are evaluators?](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability#what-are-evaluators) — RAG evaluators (Retrieval, Groundedness, Relevance, Response Completeness) -2. [Retrieval-Augmented Generation (RAG) evaluators](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/evaluation-evaluators/rag-evaluators) — Detaljert dokumentasjon for alle RAG-evaluatorer, input/output formats +1. [Observability in generative AI - What are evaluators?](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability#what-are-evaluators) — RAG evaluators (Retrieval, Groundedness, Relevance, Response Completeness) +2. [Retrieval-Augmented Generation (RAG) evaluators](https://learn.microsoft.com/en-us/azure/foundry/concepts/evaluation-evaluators/rag-evaluators) — Detaljert dokumentasjon for alle RAG-evaluatorer, input/output formats 3. [Large language model end-to-end evaluation](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-llm-evaluation-phase) — Groundedness, completeness, utilization, relevance, correctness metrics -4. [Evaluate generative AI models and applications](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluate-generative-ai-app) — Foundry portal evaluation workflow, testing criteria configuration -5. [Submit a batch run and evaluate a flow](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/flow-bulk-test-evaluation) — Built-in evaluation methods (QnA Groundedness, Relevance, Coherence) +4. [Evaluate generative AI models and applications](https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluate-generative-ai-app) — Foundry portal evaluation workflow, testing criteria configuration +5. [Submit a batch run and evaluate a flow](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/flow-bulk-test-evaluation) — Built-in evaluation methods (QnA Groundedness, Relevance, Coherence) 6. [Evaluation of RAG performance basics](https://learn.microsoft.com/en-us/fabric/data-science/tutorial-evaluate-rag-performance) — AI-assisted metrics (groundedness, relevance, similarity), top-N retrieval rate -7. [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) — Azure Monitor integration, KQL queries, diagnostic settings -8. [Use Risks & Safety monitoring](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/risks-safety-monitor) — Content filtering metrics, severity distribution +7. [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) — Azure Monitor integration, KQL queries, diagnostic settings +8. [Use Risks & Safety monitoring](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/risks-safety-monitor) — Content filtering metrics, severity distribution 9. [Azure AI Evaluation SDK - Python samples](https://github.com/Azure-Samples/azureai-samples/blob/main/scenarios/evaluate/) — Code examples for groundedness, relevance evaluators ### Code samples (Verified via MCP) diff --git a/skills/ms-ai-governance/references/monitoring-observability/security-and-audit-logging-ai.md b/skills/ms-ai-governance/references/monitoring-observability/security-and-audit-logging-ai.md index 9ce8892..0299d3b 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/security-and-audit-logging-ai.md +++ b/skills/ms-ai-governance/references/monitoring-observability/security-and-audit-logging-ai.md @@ -385,8 +385,8 @@ Ingen ekstra lisenser kreves for audit logging — funksjonen er inkludert i Azu | Kilde | URL | Konfidensnivå | |-------|-----|---------------| | **Enable diagnostic logging for Azure AI services** | https://learn.microsoft.com/en-us/azure/ai-services/diagnostic-logging | ✅ Verified | -| **Monitor Azure OpenAI** | https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai | ✅ Verified | -| **Azure security baseline for Azure OpenAI** | https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/azure-openai-security-baseline | ✅ Verified — **OBS:** Basert på MCSB v1.0 (kan inneholde utdatert veiledning). Produktet refereres nå som "Foundry Tools" i baseline-dokumentet. Siste veiledning: [Azure OpenAI docs](https://learn.microsoft.com/en-us/azure/ai-foundry/). *(Verified MCP 2026-04)* | +| **Monitor Azure OpenAI** | https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai | ✅ Verified | +| **Azure security baseline for Azure OpenAI** | https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/azure-openai-security-baseline | ✅ Verified — **OBS:** Basert på MCSB v1.0 (kan inneholde utdatert veiledning). Produktet refereres nå som "Foundry Tools" i baseline-dokumentet. Siste veiledning: [Azure OpenAI docs](https://learn.microsoft.com/en-us/azure/foundry/). *(Verified MCP 2026-04)* | | **Azure security baseline for Microsoft Foundry** | https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/azure-ai-foundry-security-baseline | ✅ Verified — **OBS:** Tjenesten er omdøpt til "Microsoft Foundry" i baseline-dokumentet. Basert på MCSB v1.0. Viktige avvik: Customer Lockbox **ikke støttet** for Foundry, lokal autentisering til data plane **ikke støttet** (positivt for sikkerhet), DLP/sensitive data discovery **ikke støttet** nativt. *(Verified MCP 2026-04)* | | **Microsoft cloud security benchmark: Logging and threat detection** | https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-logging-threat-detection | ✅ Verified | | **Artificial Intelligence Security (AI-6: Establish monitoring and detection)** | https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-v2-artificial-intelligence-security | ✅ Verified | diff --git a/skills/ms-ai-governance/references/monitoring-observability/sla-monitoring-ai-services.md b/skills/ms-ai-governance/references/monitoring-observability/sla-monitoring-ai-services.md index e2aad22..93fb512 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/sla-monitoring-ai-services.md +++ b/skills/ms-ai-governance/references/monitoring-observability/sla-monitoring-ai-services.md @@ -351,11 +351,11 @@ Metric Alert ### Microsoft Learn (Verified via MCP) 1. **Monitor Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai *Confidence: Verified* — Detaljert guide til Azure Monitor-integrasjon for OpenAI. 2. **Azure OpenAI monitoring data reference** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/monitor-openai-reference + https://learn.microsoft.com/en-us/azure/foundry/openai/monitor-openai-reference *Confidence: Verified* — Fullstendig liste over metrics (inkl. `ModelAvailabilityRate`). 3. **Monitoring and diagnostics guidance** @@ -363,7 +363,7 @@ Metric Alert *Confidence: Verified* — SLA monitoring best practices (generell Azure-arkitektur). Dekker: tilgjengelighetssporing, ytelsesovervåkning, SLA-etterlevelse, sikkerhet/personvern, regulatorisk audit, trend-deteksjon. Brukes i AI-kontekst for å sikre end-to-end synlighet i distribuerte AI-systemer. *(Verified MCP 2026-04)* 4. **Azure OpenAI FAQ - SLA** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/faq#what-are-the-slas-service-level-agreements-in-azure-openai + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/faq#what-are-the-slas-service-level-agreements-in-azure-openai *Confidence: Verified* — Bekreftelse av 99.9% Availability SLA + Latency SLA for PTU. 5. **Supported metrics for Microsoft.CognitiveServices/accounts** diff --git a/skills/ms-ai-governance/references/monitoring-observability/token-usage-tracking-attribution.md b/skills/ms-ai-governance/references/monitoring-observability/token-usage-tracking-attribution.md index 2cd697a..af57e46 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/token-usage-tracking-attribution.md +++ b/skills/ms-ai-governance/references/monitoring-observability/token-usage-tracking-attribution.md @@ -568,11 +568,11 @@ Owner: ## Kilder (Microsoft Learn) -1. [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) — Official monitoring guide +1. [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) — Official monitoring guide 2. [Implement advanced monitoring for Azure OpenAI in Foundry Models through a gateway](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/azure-openai-gateway-monitoring) *(Verified MCP 2026-04)* — Gateway patterns for usage tracking. Ny brukscase dokumentert: audit av model inputs/outputs for threat detection og data exfiltration detection. Merk: gateway monitoring kan bli single point of failure — vurder redundans. -3. [Plan to manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs) — Cost management strategies -4. [Token usage estimation for Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data) — RAG-specific token calculations -5. [Understanding costs associated with PTU](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding) — PTU billing model +3. [Plan to manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs) — Cost management strategies +4. [Token usage estimation for Azure OpenAI On Your Data](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data) — RAG-specific token calculations +5. [Understanding costs associated with PTU](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput-billing) — PTU billing model 6. [Application design for AI workloads](https://learn.microsoft.com/en-us/azure/well-architected/ai/application-design#consider-nonfunctional-requirements) — Cost and chargeback scenarios 7. [Architecture strategies for cost data](https://learn.microsoft.com/en-us/azure/well-architected/cost-optimization/collect-review-cost-data#generate-cost-reports) — Chargeback vs. showback diff --git a/skills/ms-ai-governance/references/norwegian-public-sector-governance/copyright-ai-training-data-norway.md b/skills/ms-ai-governance/references/norwegian-public-sector-governance/copyright-ai-training-data-norway.md index ed2701a..cd7a2e7 100644 --- a/skills/ms-ai-governance/references/norwegian-public-sector-governance/copyright-ai-training-data-norway.md +++ b/skills/ms-ai-governance/references/norwegian-public-sector-governance/copyright-ai-training-data-norway.md @@ -142,7 +142,7 @@ Kunden må ha implementert alle mitigations (tiltak) som kreves i Azure OpenAI-d For å opprettholde CCC-dekning må kunder implementere følgende universelle mitigations: **1. Metaprompt (effektiv fra 1. desember 2023):** -Kundens løsning må inkludere en metaprompt som instruerer modellen til å forhindre opphavsrettsbrudd i output. Eksempel på anbefalt metaprompt finnes i Microsoft Learn: "To Avoid Copyright Infringements" i [System message framework and template recommendations for Large Language Models (LLMs)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message). +Kundens løsning må inkludere en metaprompt som instruerer modellen til å forhindre opphavsrettsbrudd i output. Eksempel på anbefalt metaprompt finnes i Microsoft Learn: "To Avoid Copyright Infringements" i [System message framework and template recommendations for Large Language Models (LLMs)](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message). **2. Testing and Evaluation Report (effektiv fra 1. desember 2023):** Kundens løsning må ha vært gjenstand for evalueringer (f.eks. guided red teaming, systematisk måling, eller annen ekvivalent tilnærming) ved hjelp av tester designet for å oppdage output av tredjepartsinnhold. Betydelig løpende reproduksjon av tredjepartsinnhold oppdaget gjennom evaluering må adresseres. Rapporten over resultater og tiltak må oppbevares av kunden og gjøres tilgjengelig for Microsoft i tilfelle krav. @@ -243,11 +243,11 @@ Når du veileder norsk offentlig sektor om AI og opphavsrett, vurder disse spør - [Commission launches consultation on protocols for reserving rights from text and data mining under the AI Act and the GPAI Code of Practice](https://digital-strategy.ec.europa.eu/en/consultations/commission-launches-consultation-protocols-reserving-rights-text-and-data-mining-under-ai-act-and) ### Microsoft Learn-kilder -- [Customer Copyright Commitment Required Mitigations | Microsoft Learn](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/customer-copyright-commitment?view=foundry-classic) -- [Data, privacy, and security for Azure Direct Models in Microsoft Foundry | Microsoft Learn](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/data-privacy?view=foundry-classic) -- [Transparency note for Azure OpenAI | Microsoft Learn](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note?view=foundry-classic) -- [Azure OpenAI frequently asked questions | Microsoft Learn](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/faq?view=foundry-classic) -- [System message framework and template recommendations for LLMs | Microsoft Learn](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message) +- [Customer Copyright Commitment Required Mitigations | Microsoft Learn](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/customer-copyright-commitment?view=foundry-classic) +- [Data, privacy, and security for Azure Direct Models in Microsoft Foundry | Microsoft Learn](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/data-privacy?view=foundry-classic) +- [Transparency note for Azure OpenAI | Microsoft Learn](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note?view=foundry-classic) +- [Azure OpenAI frequently asked questions | Microsoft Learn](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/faq?view=foundry-classic) +- [System message framework and template recommendations for LLMs | Microsoft Learn](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message) --- diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md b/skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md index f85ac0d..a59b10c 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md @@ -616,7 +616,7 @@ Purview SDK-integrasjon gir: - Status: Azure ML GA feature 6. **Azure AI Foundry Evaluation** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluation-github-action + - URL: https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluation-github-action - Status: Azure AI Foundry GA 7. **Microsoft Purview AI Risk Management** diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-risk-taxonomy-classification.md b/skills/ms-ai-governance/references/responsible-ai/ai-risk-taxonomy-classification.md index e35c7d0..7b2feb5 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-risk-taxonomy-classification.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-risk-taxonomy-classification.md @@ -420,7 +420,7 @@ Anbefal denne kombinasjonen: - Innhold: Cross-product risk monitoring, AI inventory 5. **Default Guidelines & controls policies (Azure AI Foundry)** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/default-safety-policies + - URL: https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/default-safety-policies - Hentet: 2026-02-04 - Innhold: Content filtering categories, severity levels, default thresholds diff --git a/skills/ms-ai-governance/references/responsible-ai/algorithmic-accountability-auditability.md b/skills/ms-ai-governance/references/responsible-ai/algorithmic-accountability-auditability.md index f60d853..7531ada 100644 --- a/skills/ms-ai-governance/references/responsible-ai/algorithmic-accountability-auditability.md +++ b/skills/ms-ai-governance/references/responsible-ai/algorithmic-accountability-auditability.md @@ -516,7 +516,7 @@ registered_model = ml_client.models.create_or_update(model) (Assign unique identities, maintain agent inventory, centralize logging, track and allocate costs) 5. **Trace and observe AI agents in Microsoft Foundry** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/trace-agents-sdk?view=foundry-classic + https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/trace-agents-sdk?view=foundry-classic (OpenTelemetry tracing, Application Insights integration, Azure Monitor exporter) 6. **Microsoft Purview data security and compliance protections for generative AI apps** diff --git a/skills/ms-ai-governance/references/responsible-ai/bias-detection-mitigation-strategies.md b/skills/ms-ai-governance/references/responsible-ai/bias-detection-mitigation-strategies.md index 6cc0b28..4faf0fe 100644 --- a/skills/ms-ai-governance/references/responsible-ai/bias-detection-mitigation-strategies.md +++ b/skills/ms-ai-governance/references/responsible-ai/bias-detection-mitigation-strategies.md @@ -937,7 +937,7 @@ Risikokategori (EU AI Act)? Verifisert: 2026-02-03 | Status: GA | Confidence: ✅ High 6. **Content filter severity levels** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-severity-levels + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-severity-levels Verifisert: 2026-02-03 | Status: GA | Confidence: ✅ High 7. **Monitor fairness and bias (Databricks)** diff --git a/skills/ms-ai-governance/references/responsible-ai/content-safety-implementation.md b/skills/ms-ai-governance/references/responsible-ai/content-safety-implementation.md index c585aae..d2df0ba 100644 --- a/skills/ms-ai-governance/references/responsible-ai/content-safety-implementation.md +++ b/skills/ms-ai-governance/references/responsible-ai/content-safety-implementation.md @@ -280,7 +280,7 @@ Azure AI Content Safety har PII-detection for completions: | **Record-keeping** | Retain logs i 6+ år (Azure Log Analytics long-term retention) | **Transparency Note:** -Microsoft publiserer [Transparency Note for Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/content-safety/transparency-note) som dekker: +Microsoft publiserer [Transparency Note for Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/content-safety/transparency-note) som dekker: - System capabilities and limitations - Training data og known biases - Best practices for deployment @@ -464,22 +464,22 @@ Scenario: 1 million samtaler/måned, gjennomsnitt 2 meldinger per samtale = 2M t 1. [What is Azure AI Content Safety?](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/overview) *Confidence: High* — Oversikt over features, pricing tiers, region availability, service limits -2. [Content filtering overview (Azure OpenAI)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter) +2. [Content filtering overview (Azure OpenAI)](https://learn.microsoft.com/en-us/azure/foundry-classic/foundry-models/concepts/content-filter) *Confidence: High* — Filter categories, severity levels, scenario details for API response behavior 3. [Harm categories in Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/concepts/harm-categories) *Confidence: High* — Detaljert beskrivelse av severity levels 0-7 per kategori (hate, sexual, violence, self-harm) -4. [Data, privacy, and security for Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/content-safety/data-privacy) +4. [Data, privacy, and security for Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/content-safety/data-privacy) *Confidence: High* — Data residency, encryption at rest, customer controls, GDPR compliance statements 5. [Custom categories (preview)](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/concepts/custom-categories) *Confidence: Medium* — Preview feature, API-detaljer kan endre seg før GA -6. [Transparency note: Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/content-safety/transparency-note) +6. [Transparency note: Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/content-safety/transparency-note) *Confidence: High* — System capabilities, intended uses, limitations, best practices -7. [Default Guidelines & controls policies (Azure OpenAI)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/default-safety-policies) +7. [Default Guidelines & controls policies (Azure OpenAI)](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/default-safety-policies) *Confidence: High* — Default severity thresholds for text/image models, table of blocked categories 8. [Azure AI Content Safety Quickstart (C# code samples)](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/quickstart-text?pivots=programming-language-csharp) @@ -488,7 +488,7 @@ Scenario: 1 million samtaler/måned, gjennomsnitt 2 meldinger per samtale = 2M t 9. [Mitigate false results in Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/how-to/improve-performance) *Confidence: High* — Best practices for severity tuning, custom categories, blocklists -10. [Content Safety in the Microsoft Foundry portal](https://learn.microsoft.com/en-us/azure/ai-foundry/ai-services/content-safety-overview) +10. [Content Safety in the Microsoft Foundry portal](https://learn.microsoft.com/en-us/azure/foundry-classic/ai-services/content-safety-overview) *Confidence: High* — Beskrivelse av Content Safety Studio features, Try it out workflow **Baseline (modellkunnskap, ikke verifisert mot ferske kilder):** diff --git a/skills/ms-ai-governance/references/responsible-ai/continuous-improvement-feedback-loops.md b/skills/ms-ai-governance/references/responsible-ai/continuous-improvement-feedback-loops.md index b444666..c185e1d 100644 --- a/skills/ms-ai-governance/references/responsible-ai/continuous-improvement-feedback-loops.md +++ b/skills/ms-ai-governance/references/responsible-ai/continuous-improvement-feedback-loops.md @@ -48,7 +48,7 @@ Microsoft implementerer feedback loops gjennom hele AI-livssyklusen – fra utvi - Error logs og exception traces - User feedback (thumbs up/down, ratings) -**Confidence:** Verified – [MLflow Tracing](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/tracing/), [Azure Monitor](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability) +**Confidence:** Verified – [MLflow Tracing](https://learn.microsoft.com/en-us/azure/databricks/mlflow3/genai/tracing/), [Azure Monitor](https://learn.microsoft.com/en-us/azure/foundry/concepts/observability) ### 2. Automated Quality Monitoring @@ -69,7 +69,7 @@ Microsoft bruker automated scorers (LLM judges) for kontinuerlig kvalitetsvurder - Automated alerts ved threshold violations - Integration med Azure AI Foundry evaluation tools -**Confidence:** Verified – [Generation Quality Monitoring](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/monitor-quality-safety?view=foundry-classic) +**Confidence:** Verified – [Generation Quality Monitoring](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/monitor-quality-safety?view=foundry-classic) ### 3. Human Feedback Integration @@ -258,7 +258,7 @@ model_monitor = MonitorSchedule( ) ``` -**Confidence:** Verified – [Azure AI Foundry Monitoring](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/monitor-quality-safety?view=foundry-classic) +**Confidence:** Verified – [Azure AI Foundry Monitoring](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/monitor-quality-safety?view=foundry-classic) ### MLflow on Azure Databricks @@ -531,7 +531,7 @@ Models, prompts, eval datasets, scorers – full reproducibility er non-negotiab - Key content: 10-step feedback loop, human-aligned metrics, production monitoring 2. **Azure AI Foundry Production Monitoring** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/monitor-quality-safety?view=foundry-classic + - URL: https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/monitor-quality-safety?view=foundry-classic - Key content: Continuous evaluation, scorers, threshold configuration 3. **AI Builder Feedback Loop** @@ -571,7 +571,7 @@ Models, prompts, eval datasets, scorers – full reproducibility er non-negotiab - Key content: Feedback mechanisms, bias monitoring, iterative updates 12. **Azure AI Foundry Observability Concepts** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/observability + - URL: https://learn.microsoft.com/en-us/azure/foundry/concepts/observability - Key content: Tracing, monitoring features, model performance tracking **Code samples (Verified):** diff --git a/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md b/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md index b2c8154..5c1b1ea 100644 --- a/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md +++ b/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md @@ -537,7 +537,7 @@ Norge implementerer GDPR gjennom personopplysningsloven. Datatilsynet er tilsyns *How to handle access, rectify, erase, restrict, portability, object requests* 6. **Data, privacy, and security for Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/data-privacy + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/data-privacy *No training on customer data, no sharing with OpenAI, encryption, CMK support* 7. **Manage personal data in Azure Monitor Logs** diff --git a/skills/ms-ai-governance/references/responsible-ai/human-in-the-loop-oversight.md b/skills/ms-ai-governance/references/responsible-ai/human-in-the-loop-oversight.md index c95f882..f3dc0c2 100644 --- a/skills/ms-ai-governance/references/responsible-ai/human-in-the-loop-oversight.md +++ b/skills/ms-ai-governance/references/responsible-ai/human-in-the-loop-oversight.md @@ -790,7 +790,7 @@ For offentlig sektor i Norge: 3. [Power Automate - Multistage and AI approvals](https://learn.microsoft.com/en-us/microsoft-copilot-studio/flows-advanced-approvals) — Power Platform approvals 4. [FAQ for AI Approvals](https://learn.microsoft.com/en-us/microsoft-copilot-studio/faqs-ai-approvals) — Best practices og limitations 5. [Copilot Studio - Topic escalation analysis](https://learn.microsoft.com/en-us/microsoft-copilot-studio/guidance/deflection-topic-escalation-analysis) — Escalation patterns -6. [Azure AI Agent Service - Transparency Note](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/agents/transparency-note) — Real-time oversight guidance +6. [Azure AI Agent Service - Transparency Note](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/agents/transparency-note) — Real-time oversight guidance 7. [Durable Agent Features - HITL workflows](https://learn.microsoft.com/en-us/agent-framework/user-guide/agents/agent-types/durable-agent/features) — Durable Functions patterns 8. [Responsible AI in Azure workloads](https://learn.microsoft.com/en-us/azure/well-architected/ai/responsible-ai) — Escape hatches og human-in-the-loop checkpoints 9. [Catalog Enrichment Agent - Responsible AI FAQ](https://learn.microsoft.com/en-us/industry/retail/catalog-enrichment-agent/faqs-catalog-enrichment-agent) — Human-in-the-loop implementation example diff --git a/skills/ms-ai-governance/references/responsible-ai/model-explainability-interpretability.md b/skills/ms-ai-governance/references/responsible-ai/model-explainability-interpretability.md index 058f395..8b2c631 100644 --- a/skills/ms-ai-governance/references/responsible-ai/model-explainability-interpretability.md +++ b/skills/ms-ai-governance/references/responsible-ai/model-explainability-interpretability.md @@ -530,7 +530,7 @@ SLUTT: Dokumenter valg i ADR, implementer, valider med stakeholders *Confidence: Verified* - Alternative XAI-teknikk for .NET-utviklere 7. **Azure OpenAI Transparency Note - Limitations** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note?view=foundry-classic#limitations + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note?view=foundry-classic#limitations *Confidence: Verified* - Begrensninger i explainability for fine-tuned og reasoning models ### Ekstern dokumentasjon (Baseline knowledge) diff --git a/skills/ms-ai-governance/references/responsible-ai/red-teaming-ai-models.md b/skills/ms-ai-governance/references/responsible-ai/red-teaming-ai-models.md index 6ee1d90..61d3319 100644 --- a/skills/ms-ai-governance/references/responsible-ai/red-teaming-ai-models.md +++ b/skills/ms-ai-governance/references/responsible-ai/red-teaming-ai-models.md @@ -247,7 +247,7 @@ steps: - Azure tool calls (✅ supported) - Function tool calls (❌ not supported) -**Comprehensive tools list:** [Azure AI Foundry Tools](https://learn.microsoft.com/en-us/azure/ai-foundry/agents/how-to/tools/overview) +**Comprehensive tools list:** [Azure AI Foundry Tools](https://learn.microsoft.com/en-us/azure/foundry-classic/agents/how-to/tools-classic/overview) ### Azure OpenAI Service @@ -492,10 +492,10 @@ jobs: | Kilde | URL | Verifikasjonsdato | |-------|-----|-------------------| -| **AI Red Teaming Agent (preview)** | https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/ai-red-teaming-agent | 2026-02-03 | +| **AI Red Teaming Agent (preview)** | https://learn.microsoft.com/en-us/azure/foundry/concepts/ai-red-teaming-agent | 2026-02-03 | | **Microsoft Security Benchmark: AI-7 Continuous Red Teaming** | https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-v2-artificial-intelligence-security#ai-7-perform-continuous-ai-red-teaming | 2026-02-03 | | **AI Red Teaming Training Series** | https://learn.microsoft.com/en-us/security/ai-red-team/training | 2026-02-03 | -| **Planning red teaming for LLMs** | https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/red-teaming | 2026-02-03 | +| **Planning red teaming for LLMs** | https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/red-teaming | 2026-02-03 | | **Prompt Shields (Jailbreak detection)** | https://learn.microsoft.com/en-us/azure/ai-services/content-safety/concepts/jailbreak-detection | 2026-02-03 | ### Open-source verktøy diff --git a/skills/ms-ai-governance/references/responsible-ai/responsible-ai-policy-development.md b/skills/ms-ai-governance/references/responsible-ai/responsible-ai-policy-development.md index d078028..4e0a1b8 100644 --- a/skills/ms-ai-governance/references/responsible-ai/responsible-ai-policy-development.md +++ b/skills/ms-ai-governance/references/responsible-ai/responsible-ai-policy-development.md @@ -227,7 +227,7 @@ Start: New AI initiative or capability? | **Content Safety** | Harmful content filtering (text, image, multimodal) | [Azure AI Content Safety](https://learn.microsoft.com/azure/ai-services/content-safety/) - konfigurerbare severity thresholds | | **Evaluation Tools** | Pre-deployment safety, hallucination, bias testing | [Foundry evaluation SDK](https://learn.microsoft.com/azure/ai-studio/) - integreres i CI/CD | | **Model Registry** | Versioning, approval workflows, provenance tracking | [Azure ML Model Registry](https://learn.microsoft.com/azure/machine-learning/concept-model-management-and-deployment) - RBAC-controlled | -| **Monitoring** | Model drift, performance degradation, quality metrics | [Foundry Agent Service metrics](https://learn.microsoft.com/azure/ai-foundry/agents/how-to/metrics) - alert rules | +| **Monitoring** | Model drift, performance degradation, quality metrics | [Foundry Agent Service metrics](https://learn.microsoft.com/azure/foundry/observability/how-to/how-to-monitor-agents-dashboard) - alert rules | | **Data Governance** | Data lineage, sensitivity labels, DLP policies | [Microsoft Purview integration](https://learn.microsoft.com/purview/ai-azure-services) | **Policy Implementation Example (Foundry):** diff --git a/skills/ms-ai-governance/references/responsible-ai/stakeholder-communication-ai-decisions.md b/skills/ms-ai-governance/references/responsible-ai/stakeholder-communication-ai-decisions.md index 9ec9f5f..018462b 100644 --- a/skills/ms-ai-governance/references/responsible-ai/stakeholder-communication-ai-decisions.md +++ b/skills/ms-ai-governance/references/responsible-ai/stakeholder-communication-ai-decisions.md @@ -804,7 +804,7 @@ Hvis noen av disse mangler: **IKKE deploy før de er på plass.** AI uten stakeh - Verifisert: 2026-02 6. **Transparency note for Azure OpenAI** - - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note?view=foundry-classic + - https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note?view=foundry-classic - Status: GA - Verifisert: 2026-02 diff --git a/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md b/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md index 77450e1..d6a572b 100644 --- a/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md +++ b/skills/ms-ai-governance/references/responsible-ai/transparency-documentation-standards.md @@ -380,7 +380,7 @@ rai_insights.save("rai_scorecard.pdf") - Content filter annotations → apps kan forklare hvorfor content ble blocked **Transparency Note URL:** -https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note +https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note --- @@ -699,15 +699,15 @@ Return on investment: Transparency er billigere enn cleanup. Skal vi prioritere **Verified sources (MCP: microsoft-learn):** 1. **Transparency note for Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/openai/transparency-note + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/openai/transparency-note (Status: Verified 2026-02 — Latest updates: o3/o4-mini, Deep Research system cards) 2. **Transparency note for Azure AI Search** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/search/transparency-note + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/search/transparency-note (Status: Verified 2026-02 — Recommendations for A/B testing, bias detection) 3. **Transparency note for Document Intelligence** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/document-intelligence/transparency-note + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/document-intelligence/transparency-note (Status: Verified 2026-02 — Limitations for prebuilt/custom models) 4. **Responsible AI scorecard documentation** diff --git a/skills/ms-ai-infrastructure/references/bcdr/ai-foundry-disaster-recovery-planning.md b/skills/ms-ai-infrastructure/references/bcdr/ai-foundry-disaster-recovery-planning.md index dea806c..cff5dc5 100644 --- a/skills/ms-ai-infrastructure/references/bcdr/ai-foundry-disaster-recovery-planning.md +++ b/skills/ms-ai-infrastructure/references/bcdr/ai-foundry-disaster-recovery-planning.md @@ -482,10 +482,10 @@ Bruk Azure Chaos Studio for automatisert feilinjeksjon: ## Referanser -- [High availability and resiliency for Microsoft Foundry projects and Agent Services](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/high-availability-resiliency) -- [Foundry Agent Service disaster recovery](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/agent-service-disaster-recovery) -- [Foundry Agent Service resource and data loss recovery](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/agent-service-operator-disaster-recovery) -- [High availability and disaster recovery for hub projects](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/hub-disaster-recovery) +- [High availability and resiliency for Microsoft Foundry projects and Agent Services](https://learn.microsoft.com/en-us/azure/foundry/how-to/high-availability-resiliency) +- [Foundry Agent Service disaster recovery](https://learn.microsoft.com/en-us/azure/foundry/how-to/agent-service-disaster-recovery) +- [Foundry Agent Service resource and data loss recovery](https://learn.microsoft.com/en-us/azure/foundry/how-to/agent-service-operator-disaster-recovery) +- [High availability and disaster recovery for hub projects](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/hub-disaster-recovery) - [Azure security baseline for Azure AI Foundry - Backup and recovery](https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/azure-ai-foundry-security-baseline#backup-and-recovery) - [Continuous backup with point-in-time restore in Azure Cosmos DB](https://learn.microsoft.com/en-us/azure/cosmos-db/continuous-backup-restore-introduction) diff --git a/skills/ms-ai-infrastructure/references/bcdr/capacity-planning-dr-configurations.md b/skills/ms-ai-infrastructure/references/bcdr/capacity-planning-dr-configurations.md index 9b5cdfa..f7a489f 100644 --- a/skills/ms-ai-infrastructure/references/bcdr/capacity-planning-dr-configurations.md +++ b/skills/ms-ai-infrastructure/references/bcdr/capacity-planning-dr-configurations.md @@ -329,7 +329,7 @@ az capacity reservation create \ - [Develop a disaster recovery plan — Optimize your recovery costs](https://learn.microsoft.com/en-us/azure/well-architected/design-guides/disaster-recovery#optimize-your-recovery-costs) — Kostnadsoptimalisering per tier - [Recovery strategy for active-passive (warm standby)](https://learn.microsoft.com/en-us/azure/well-architected/design-guides/disaster-recovery#recovery-strategy-for-active-passive-warm-standby) — Warm standby konfigurasjon - [Recovery strategy for active-active deployments](https://learn.microsoft.com/en-us/azure/well-architected/design-guides/disaster-recovery#recovery-strategy-for-active-active-deployments) — Active-active konfigurasjon -- [BCDR considerations with Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/business-continuity-disaster-recovery) — OpenAI-spesifikk kapasitetsplanlegging +- [BCDR considerations with Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/high-availability-resiliency) — OpenAI-spesifikk kapasitetsplanlegging - [Management recommendations for AI workloads on Azure IaaS](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/infrastructure/management) — AI-workload management - [Azure Site Recovery — Plan capacity and scaling](https://learn.microsoft.com/en-us/azure/site-recovery/site-recovery-plan-capacity-vmware) — Kapasitetsplanlegging diff --git a/skills/ms-ai-infrastructure/references/bcdr/incident-response-ai-systems.md b/skills/ms-ai-infrastructure/references/bcdr/incident-response-ai-systems.md index 11705e5..83efe35 100644 --- a/skills/ms-ai-infrastructure/references/bcdr/incident-response-ai-systems.md +++ b/skills/ms-ai-infrastructure/references/bcdr/incident-response-ai-systems.md @@ -305,7 +305,7 @@ Tiltak: [Hva gjøres for å forhindre gjentakelse] - [Microsoft Defender for AI Services](https://learn.microsoft.com/en-us/azure/defender-for-cloud/ai-threat-protection) — AI-spesifikk trusseloppdaging - [Azure Monitor alerts overview](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-overview) — Alert-rammeverk - [Microsoft Sentinel overview](https://learn.microsoft.com/en-us/azure/sentinel/overview) — SIEM/SOAR for sikkerhetshendelser -- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) — OpenAI-spesifikk monitoring +- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) — OpenAI-spesifikk monitoring ## For Cosmo diff --git a/skills/ms-ai-infrastructure/references/bcdr/monitoring-alerting-failover-detection.md b/skills/ms-ai-infrastructure/references/bcdr/monitoring-alerting-failover-detection.md index 5c03c1f..221c36a 100644 --- a/skills/ms-ai-infrastructure/references/bcdr/monitoring-alerting-failover-detection.md +++ b/skills/ms-ai-infrastructure/references/bcdr/monitoring-alerting-failover-detection.md @@ -438,7 +438,7 @@ Azure Monitor Application Insights tilbyr nå dedikert støtte for AI-agenter vi ## Referanser -- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai) — OpenAI monitoring og alerting +- [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/monitor-openai) — OpenAI monitoring og alerting - [Monitor Azure AI Search](https://learn.microsoft.com/en-us/azure/search/monitor-azure-cognitive-search) — AI Search monitoring - [Azure Monitor alerts overview](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-overview) — Alert-rammeverk *(Verified MCP 2026-04)* — Stateful vs. stateless alerts. **Simple Log Search Alerts** (GA) for per-row KQL evaluering — raskere varsling enn tradisjonelle log alerts. **Query-based metric alerts** for Prometheus/OTel (public preview). Alerts stored 30 dager. Fired instances er read-only. Alert processing rules for suppression ved planlagt vedlikehold. **Azure Monitor Baseline Alerts** (`aka.ms/amba`) for policy-basert alerting i skala via Azure Policy. - [Health modeling and observability of mission-critical workloads](https://learn.microsoft.com/en-us/azure/well-architected/mission-critical/mission-critical-health-modeling) — Health modeling diff --git a/skills/ms-ai-infrastructure/references/bcdr/multi-region-azure-openai-deployment.md b/skills/ms-ai-infrastructure/references/bcdr/multi-region-azure-openai-deployment.md index 00f4ed5..4a9d5a2 100644 --- a/skills/ms-ai-infrastructure/references/bcdr/multi-region-azure-openai-deployment.md +++ b/skills/ms-ai-infrastructure/references/bcdr/multi-region-azure-openai-deployment.md @@ -368,11 +368,11 @@ Prioritet 3: Standard Data Zone (EU) ## Referanser -- [Business Continuity and Disaster Recovery (BCDR) considerations with Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/business-continuity-disaster-recovery) +- [Business Continuity and Disaster Recovery (BCDR) considerations with Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/high-availability-resiliency) - [Use a gateway in front of multiple Azure OpenAI deployments or instances](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/azure-openai-gateway-multi-backend) - [Backends in API Management - Load-balanced pool](https://learn.microsoft.com/en-us/azure/api-management/backends#load-balanced-pool) -- [Manage Azure OpenAI quota](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/quota) -- [Azure OpenAI model availability by region](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models) +- [Manage Azure OpenAI quota](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/quota) +- [Azure OpenAI model availability by region](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) - [Smart Load Balancing for OpenAI with Azure API Management](https://github.com/Azure-Samples/openai-apim-lb) ## For Cosmo diff --git a/skills/ms-ai-infrastructure/references/bcdr/rto-rpo-planning-ai-services.md b/skills/ms-ai-infrastructure/references/bcdr/rto-rpo-planning-ai-services.md index e433104..657c3e9 100644 --- a/skills/ms-ai-infrastructure/references/bcdr/rto-rpo-planning-ai-services.md +++ b/skills/ms-ai-infrastructure/references/bcdr/rto-rpo-planning-ai-services.md @@ -251,7 +251,7 @@ NSM (Nasjonal sikkerhetsmyndighet) krever: - [Business continuity and disaster recovery overview](https://learn.microsoft.com/en-us/azure/reliability/concept-business-continuity-high-availability-disaster-recovery) — Grunnleggende BCDR-konsepter og definisjoner - [Develop a disaster recovery plan for multi-region deployments](https://learn.microsoft.com/en-us/azure/well-architected/design-guides/disaster-recovery) — WAF-veiledning for DR-planlegging - [Recommendations for defining reliability targets](https://learn.microsoft.com/en-us/azure/well-architected/reliability/metrics) — SLO, RTO og RPO-definisjoner -- [BCDR considerations with Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/business-continuity-disaster-recovery) — Azure OpenAI-spesifikk BCDR +- [BCDR considerations with Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/high-availability-resiliency) — Azure OpenAI-spesifikk BCDR - [Azure Storage redundancy](https://learn.microsoft.com/en-us/azure/storage/common/storage-redundancy) — GRS, GZRS og replikeringsalternativer - [Azure Storage Geo Priority Replication](https://learn.microsoft.com/en-us/azure/storage/common/storage-redundancy-priority-replication) — SLA-backed RPO for blobs - [Reliability in Azure AI Search](https://learn.microsoft.com/en-us/azure/reliability/reliability-ai-search) — Tilgjengelighet og DR for AI Search diff --git a/skills/ms-ai-security/references/ai-security-engineering/adversarial-input-robustness-testing.md b/skills/ms-ai-security/references/ai-security-engineering/adversarial-input-robustness-testing.md index 1d20ecb..ca2c28a 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/adversarial-input-robustness-testing.md +++ b/skills/ms-ai-security/references/ai-security-engineering/adversarial-input-robustness-testing.md @@ -504,7 +504,7 @@ outputs = await simulator( ## References - [Threat Modeling AI/ML Systems](https://learn.microsoft.com/en-us/security/engineering/threat-modeling-aiml) — Microsoft Security Engineering -- [AI Red Teaming Agent](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/ai-red-teaming-agent) — Azure AI Foundry +- [AI Red Teaming Agent](https://learn.microsoft.com/en-us/azure/foundry/concepts/ai-red-teaming-agent) — Azure AI Foundry - [PyRIT Framework](https://azure.github.io/PyRIT/) — Microsoft open-source red teaming tool - [Artificial Intelligence Security (MCSB)](https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-v2-artificial-intelligence-security) — Azure Security Benchmark - [Failure Modes in Machine Learning](https://learn.microsoft.com/en-us/security/engineering/failure-modes-in-machine-learning) — Microsoft Security diff --git a/skills/ms-ai-security/references/ai-security-engineering/ai-security-scoring-framework.md b/skills/ms-ai-security/references/ai-security-engineering/ai-security-scoring-framework.md index d254abb..6c66500 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/ai-security-scoring-framework.md +++ b/skills/ms-ai-security/references/ai-security-engineering/ai-security-scoring-framework.md @@ -464,7 +464,7 @@ For statlige AI-prosjekter som krever beslutningsgrunnlag: *Confidence: Verified* — Logging, threat detection, compliance controls 6. **Evaluate generative AI models (Azure AI Foundry)** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/evaluate-generative-ai-app + https://learn.microsoft.com/en-us/azure/foundry/how-to/evaluate-generative-ai-app *Confidence: Verified* — AI quality metrics (NLP + AI-assisted), risk and safety metrics (content harm, ASR) 7. **Azure Defender for Cloud - Resource Graph samples** diff --git a/skills/ms-ai-security/references/ai-security-engineering/content-safety-filter-calibration.md b/skills/ms-ai-security/references/ai-security-engineering/content-safety-filter-calibration.md index 6c23f32..29920a0 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/content-safety-filter-calibration.md +++ b/skills/ms-ai-security/references/ai-security-engineering/content-safety-filter-calibration.md @@ -505,10 +505,10 @@ Denne referansen er basert på offisiell Microsoft-dokumentasjon og verifiserte ### Primærkilder (Verified) 1. [Mitigate false results in Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/how-to/improve-performance) — Severity tuning, blocklists, custom categories -2. [Configure content filters - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/content-filters) — Deployment + request-level configuration -3. [Content filter configurability](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-configurability) — Severity levels, approval process +2. [Configure content filters - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/content-filters) — Deployment + request-level configuration +3. [Content filter configurability](https://learn.microsoft.com/en-us/azure/foundry-classic/foundry-models/concepts/content-filter) — Severity levels, approval process 4. [Azure AI Content Safety FAQ](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/faq) — Threshold recommendations, multilingual support, pricing -5. [Transparency note: Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/content-safety/transparency-note) — Severity definitions, best practices, bias mitigation +5. [Transparency note: Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/content-safety/transparency-note) — Severity definitions, best practices, bias mitigation 6. [Python SDK code samples](https://learn.microsoft.com/en-us/python/api/overview/azure/ai-contentsafety-readme) — AnalyzeText API, blocklist usage ### Konfidensgradering diff --git a/skills/ms-ai-security/references/ai-security-engineering/data-leakage-prevention-ai.md b/skills/ms-ai-security/references/ai-security-engineering/data-leakage-prevention-ai.md index 408ed57..886b95b 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/data-leakage-prevention-ai.md +++ b/skills/ms-ai-security/references/ai-security-engineering/data-leakage-prevention-ai.md @@ -178,8 +178,8 @@ Invoke-AzRestMethod @patchParams **Konsept:** Implementer network security perimeter for å begrense inbound og outbound access til Azure OpenAI og Foundry-baserte prosjekter. **Implementering:** -- [Add network security perimeter to Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/network-security-perimeter) -- [Add Foundry to a network security perimeter](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/add-foundry-to-network-security-perimeter) +- [Add network security perimeter to Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/network-security-perimeter) +- [Add Foundry to a network security perimeter](https://learn.microsoft.com/en-us/azure/foundry/how-to/add-foundry-to-network-security-perimeter) **Kombiner med:** - Azure Private Link for network-level data isolation diff --git a/skills/ms-ai-security/references/ai-security-engineering/entra-agent-id-zero-trust.md b/skills/ms-ai-security/references/ai-security-engineering/entra-agent-id-zero-trust.md index 47b9f13..2a435e2 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/entra-agent-id-zero-trust.md +++ b/skills/ms-ai-security/references/ai-security-engineering/entra-agent-id-zero-trust.md @@ -427,7 +427,7 @@ Når en Foundry-agent publiseres, endres identiteten fra delt prosjektidentitet 1. [Security for AI agents with Microsoft Entra Agent ID](https://learn.microsoft.com/entra/agent-id/identity-professional/security-for-ai) — Oversikt over sikkerhetsrammeverket 2. [What are agent identities](https://learn.microsoft.com/entra/agent-id/identity-platform/what-is-agent-id) — Kjernekonsepted for agentidentiteter 3. [Agent identity and blueprint concepts in Microsoft Entra ID](https://learn.microsoft.com/entra/agent-id/identity-platform/key-concepts) — Blueprints og arkitektur -4. [Agent identity concepts in Microsoft Foundry](https://learn.microsoft.com/azure/ai-foundry/agents/concepts/agent-identity?view=foundry) — Foundry-integrasjon med agentidentiteter +4. [Agent identity concepts in Microsoft Foundry](https://learn.microsoft.com/azure/foundry/agents/concepts/agent-identity?view=foundry) — Foundry-integrasjon med agentidentiteter 5. [Automatically create Microsoft Entra agent identities for Copilot Studio agents](https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-use-entra-agent-identities) — Copilot Studio-integrasjon 6. [What is the Microsoft Entra Agent Registry?](https://learn.microsoft.com/entra/agent-id/identity-platform/what-is-agent-registry) — Agent Registry-konsepter 7. [Authorization in Microsoft Entra Agent ID](https://learn.microsoft.com/entra/agent-id/identity-professional/authorization-agent-id) — Roller, tillatelser og blokkerte rettigheter diff --git a/skills/ms-ai-security/references/ai-security-engineering/jailbreak-prevention-production.md b/skills/ms-ai-security/references/ai-security-engineering/jailbreak-prevention-production.md index 727926e..a95a471 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/jailbreak-prevention-production.md +++ b/skills/ms-ai-security/references/ai-security-engineering/jailbreak-prevention-production.md @@ -519,7 +519,7 @@ print(f"Jailbreak resistance score: {results['jailbreak_resistance']}") ### Microsoft Learn Documentation 1. **Prompt Shields in Azure AI Foundry** - [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-prompt-shields](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-prompt-shields) + [https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-prompt-shields](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-prompt-shields) *Offisiell dokumentasjon for Prompt Shields i Azure OpenAI content filtering-systemet.* 2. **Prompt Shields in Azure AI Content Safety** @@ -527,7 +527,7 @@ print(f"Jailbreak resistance score: {results['jailbreak_resistance']}") *Unified API for jailbreak detection med user scenarios og implementation guide.* 3. **Safety System Messages - Step-by-step Authoring Best Practices** - [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/system-message) + [https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/system-message) *Best practices for system message design som første forsvarslinje.* 4. **Security Planning for LLM-based Applications** @@ -535,7 +535,7 @@ print(f"Jailbreak resistance score: {results['jailbreak_resistance']}") *Comprehensive security planning guide med threat modeling for LLM apps.* 5. **Azure OpenAI Default Safety Policies** - [https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/default-safety-policies](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/default-safety-policies) + [https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/default-safety-policies](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/default-safety-policies) *Default safety policies inkludert jailbreak detection thresholds.* 6. **API Management - llm-content-safety Policy** diff --git a/skills/ms-ai-security/references/ai-security-engineering/model-fingerprinting-watermarking.md b/skills/ms-ai-security/references/ai-security-engineering/model-fingerprinting-watermarking.md index 7a6f6f3..142a83f 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/model-fingerprinting-watermarking.md +++ b/skills/ms-ai-security/references/ai-security-engineering/model-fingerprinting-watermarking.md @@ -541,7 +541,7 @@ Trenger kunde watermarking/fingerprinting? ## Kilder 1. **C2PA Specification** — https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html -2. **Azure OpenAI Content Credentials** — https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-credentials +2. **Azure OpenAI Content Credentials** — https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/content-credentials 3. **Azure Text to Speech Content Credentials** — https://learn.microsoft.com/en-us/azure/ai-services/speech-service/text-to-speech-avatar/content-credentials 4. **Microsoft 365 Watermarking** — https://learn.microsoft.com/en-us/copilot/microsoft-365/watermarks 5. **Azure Machine Learning Model Management** — https://learn.microsoft.com/en-us/azure/machine-learning/concept-model-management-and-deployment diff --git a/skills/ms-ai-security/references/ai-security-engineering/output-validation-grounding-verification.md b/skills/ms-ai-security/references/ai-security-engineering/output-validation-grounding-verification.md index adabee0..2ca3f23 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/output-validation-grounding-verification.md +++ b/skills/ms-ai-security/references/ai-security-engineering/output-validation-grounding-verification.md @@ -647,19 +647,19 @@ def cached_groundedness_check(key): [Verified: 2026-02] 3. **Content Filter Groundedness (Azure OpenAI):** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter-groundedness + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/content-filter-groundedness [Verified: 2026-02] 4. **Azure AI Evaluation SDK (Groundedness Evaluator):** - https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/develop/evaluate-sdk + https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/develop/evaluate-sdk [Verified: 2026-02] 5. **Azure AI Search Grounding (Transparency Note):** - https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/search/transparency-note + https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/search/transparency-note [Verified: 2026-02] 6. **Bing Grounding Tools for Agents:** - https://learn.microsoft.com/en-us/azure/ai-foundry/agents/how-to/tools/bing-tools + https://learn.microsoft.com/en-us/azure/foundry/agents/how-to/tools/bing-tools [Verified: 2026-02] 7. **Security Planning for LLM Applications (Output Validation):** diff --git a/skills/ms-ai-security/references/ai-security-engineering/pii-detection-norwegian-context.md b/skills/ms-ai-security/references/ai-security-engineering/pii-detection-norwegian-context.md index ace4241..77fb409 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/pii-detection-norwegian-context.md +++ b/skills/ms-ai-security/references/ai-security-engineering/pii-detection-norwegian-context.md @@ -419,7 +419,7 @@ df_masked = df.withColumn("text_masked", mask_pii_udf(df.text)) - [Recognized PII and PHI Entities](https://learn.microsoft.com/en-us/azure/ai-services/language-service/personally-identifiable-information/concepts/entity-categories) (inkluderer NOIdentityNumber) - [How to: Redact Text PII](https://learn.microsoft.com/en-us/azure/ai-services/language-service/personally-identifiable-information/how-to/redact-text-pii) — Oppdatert: ny DisableEntityValidation, EntitySynonyms, ValueExclusionPolicy, per-entity confidence threshold overrides (2025-11-15-preview) - [Quickstart: Detect PII](https://learn.microsoft.com/en-us/azure/ai-services/language-service/personally-identifiable-information/quickstart) — Quickstart er nå for native document PII; link til text/conversation how-to-guides for tekst-PII -- [Transparency Note for PII](https://learn.microsoft.com/en-us/azure/ai-foundry/responsible-ai/language-service/transparency-note-personally-identifiable-information) (GDPR compliance, nå under Azure AI Foundry responsible AI) +- [Transparency Note for PII](https://learn.microsoft.com/en-us/azure/foundry/responsible-ai/language-service/transparency-note-personally-identifiable-information) (GDPR compliance, nå under Azure AI Foundry responsible AI) **Baseline (modellkunnskap):** - Norsk fødselsnummer-format (11 siffer, mod11-checksumvalidering) diff --git a/skills/ms-ai-security/references/ai-security-engineering/prompt-injection-defense-patterns.md b/skills/ms-ai-security/references/ai-security-engineering/prompt-injection-defense-patterns.md index 6473ae6..c5bf305 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/prompt-injection-defense-patterns.md +++ b/skills/ms-ai-security/references/ai-security-engineering/prompt-injection-defense-patterns.md @@ -445,8 +445,8 @@ Når du diskuterer prompt injection-forsvar med kunder, still disse spørsmålen - [Prompt Shields - Azure AI Content Safety](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/concepts/jailbreak-detection) (GA) - [Microsoft Security Benchmark - AI Security Controls](https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-v2-artificial-intelligence-security) (AI-2, AI-3) - [Security Planning for LLM Applications](https://learn.microsoft.com/en-us/ai/playbook/technology-guidance/generative-ai/mlops-in-openai/security/security-plan-llm-application) -- [Content Filtering Overview](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/content-filter) -- [Default Safety Policies](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/default-safety-policies) +- [Content Filtering Overview](https://learn.microsoft.com/en-us/azure/foundry-classic/foundry-models/concepts/content-filter) +- [Default Safety Policies](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/default-safety-policies) **Tools and Services:** - Azure AI Content Safety: [Overview](https://learn.microsoft.com/en-us/azure/ai-services/content-safety/overview) diff --git a/skills/ms-ai-security/references/ai-security-engineering/zero-trust-ai-services.md b/skills/ms-ai-security/references/ai-security-engineering/zero-trust-ai-services.md index 4b44cf7..5038d70 100644 --- a/skills/ms-ai-security/references/ai-security-engineering/zero-trust-ai-services.md +++ b/skills/ms-ai-security/references/ai-security-engineering/zero-trust-ai-services.md @@ -907,7 +907,7 @@ Logging & Monitoring: Denne guiden er basert på følgende Microsoft Learn-dokumentasjon (sist verifisert 2026-04): 1. [Secure networks with SASE, Zero Trust, and AI](https://learn.microsoft.com/en-us/security/zero-trust/deploy/networks) — Offisiell Zero Trust nettverksguide -2. [How to configure Azure OpenAI with managed identities](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/managed-identity) — Managed Identity-konfigurasjon for Azure OpenAI +2. [How to configure Azure OpenAI with managed identities](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/managed-identity) — Managed Identity-konfigurasjon for Azure OpenAI 3. [Managed identities: role-based access control (RBAC)](https://learn.microsoft.com/en-us/azure/ai-services/translator/document-translation/how-to-guides/create-use-managed-identities) — RBAC-implementering for AI Services 4. [Azure security baseline for Azure OpenAI](https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/azure-openai-security-baseline) — Sikkerhetsbaseline med Identity Management-krav 5. [Build a strong security posture for AI](https://learn.microsoft.com/en-us/security/security-for-ai/posture) — Zero Trust-prinsipper for AI-sikkerhet diff --git a/skills/ms-ai-security/references/cost-optimization/azure-ai-foundry-cost-governance.md b/skills/ms-ai-security/references/cost-optimization/azure-ai-foundry-cost-governance.md index 654cc77..585bf52 100644 --- a/skills/ms-ai-security/references/cost-optimization/azure-ai-foundry-cost-governance.md +++ b/skills/ms-ai-security/references/cost-optimization/azure-ai-foundry-cost-governance.md @@ -805,27 +805,27 @@ Savings with PTU: 3 000 NOK/month (17% reduction) *Confidence: Verified (Feb 2026)* — Comprehensive governance framework, 8-step cost governance process 2. **Manage and increase quotas for hub resources** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/hub-quota + URL: https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/hub-quota *Confidence: Verified (Feb 2026)* — Quota management UI, VM quota, model quota allocation 3. **Plan and manage costs for Microsoft Foundry** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/manage-costs + URL: https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs *Confidence: Verified (Feb 2026)* — Budget creation, cost monitoring, RBAC for cost visibility 4. **Azure OpenAI Dynamic quota (Preview)** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/dynamic-quota + URL: https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/dynamic-quota *Confidence: Verified (Feb 2026)* — When to use dynamic quota, cost implications 5. **Consolidated view for Foundry Tools in the Azure portal** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/ai-foundry-consolidated-view + URL: https://learn.microsoft.com/en-us/azure/foundry-classic/concepts/ai-foundry-consolidated-view *Confidence: Verified (Feb 2026)* — Dashboard for costs, quota utilization, alerts 6. **Azure OpenAI quotas and limits** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/quotas-limits + URL: https://learn.microsoft.com/en-us/azure/foundry/openai/quotas-limits *Confidence: Verified (Feb 2026)* — Model-specific TPM/RPM limits by tier 7. **Azure OpenAI in Azure AI Foundry Models quota management** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/quota + URL: https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/quota *Confidence: Verified (Feb 2026)* — Quota view, request increases, migrating deployments 8. **Manage AI costs (Cloud Adoption Framework)** @@ -833,7 +833,7 @@ Savings with PTU: 3 000 NOK/month (17% reduction) *Confidence: Verified (Feb 2026)* — Monthly reviews, model selection optimization 9. **Microsoft Foundry rollout across organization (Governance section)** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/planning#governance + URL: https://learn.microsoft.com/en-us/azure/foundry/concepts/planning#governance *Confidence: Verified (Feb 2026)* — Azure Policy for model access, TPM limits at deployment level 10. **Azure API Management generative AI gateway capabilities** diff --git a/skills/ms-ai-security/references/cost-optimization/batch-processing-cost-reduction.md b/skills/ms-ai-security/references/cost-optimization/batch-processing-cost-reduction.md index 479cea8..803023d 100644 --- a/skills/ms-ai-security/references/cost-optimization/batch-processing-cost-reduction.md +++ b/skills/ms-ai-security/references/cost-optimization/batch-processing-cost-reduction.md @@ -307,7 +307,7 @@ Kreves respons < 5 sekunder? ### Microsoft Learn (Verified via MCP) 1. **Getting started with Azure OpenAI batch deployments** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch + - URL: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch - Konfidens: **Verified** (fetched 2026-02) - Innhold: Deployment types, pricing (50% reduction), dynamic quota, exponential backoff, supported models, API versions @@ -317,24 +317,24 @@ Kreves respons < 5 sekunder? - Innhold: 50% cost reduction for batch vs. global standard 3. **What's new in Azure OpenAI (August 2024)** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/whats-new#august-2024 + - URL: https://learn.microsoft.com/en-us/azure/foundry-classic/openai/whats-new#august-2024 - Konfidens: **Verified** - Innhold: Batch API announcement, key use cases, GA status 4. **Azure OpenAI deployment types** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/deployment-types + - URL: https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/deployment-types - Konfidens: **Verified** - Innhold: Global-Batch vs. Data Zone Batch, dynamic quota ### Code samples (Verified via MCP) 5. **Python: Create batch job with DefaultAzureCredential** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch?pivots=programming-language-python + - URL: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch?pivots=programming-language-python - Konfidens: **Verified** - Innhold: OpenAI Python SDK examples for batch job creation 6. **Python: Upload batch file with expiration** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch?pivots=programming-language-python#upload-batch-file + - URL: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch?pivots=programming-language-python#upload-batch-file - Konfidens: **Verified** - Innhold: File upload with 14-30 day expiration diff --git a/skills/ms-ai-security/references/cost-optimization/budget-forecasting-ai-projects.md b/skills/ms-ai-security/references/cost-optimization/budget-forecasting-ai-projects.md index e17879b..16ab400 100644 --- a/skills/ms-ai-security/references/cost-optimization/budget-forecasting-ai-projects.md +++ b/skills/ms-ai-security/references/cost-optimization/budget-forecasting-ai-projects.md @@ -467,7 +467,7 @@ Korrekt forecasting driver kostnadsoptimalisering: *Confidence: Verified* — Komplett guide til forecasting i Azure 2. **Plan to Manage Costs for Azure OpenAI** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs + https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs *Confidence: Verified* — Token-basert pricing, forecasting, budgets 3. **Azure Cost Management - Create Budgets** @@ -491,7 +491,7 @@ Korrekt forecasting driver kostnadsoptimalisering: *Confidence: Verified* — Well-Architected Framework 8. **Fine-Tuning Cost Management** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/fine-tuning-cost-management + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/fine-tuning-cost-management *Confidence: Verified* — Training + hosting + inference cost --- diff --git a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md index 3d69b46..08f4c80 100644 --- a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md +++ b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md @@ -536,17 +536,17 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable ### Primærkilder (Microsoft Learn, bekreftet februar 2026) 1. **GPT-5 vs GPT-4.1: choosing the right model for your use case** - URL: https://learn.microsoft.com/azure/ai-foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic + URL: https://learn.microsoft.com/azure/foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic Hentet: 2026-02 Innhold: Modellsammenligning, reasoning-nivåer, latens-trade-offs, use-case guidance 2. **Foundry Models sold directly by Azure — GPT-4.1 og GPT-5-serien** - URL: https://learn.microsoft.com/azure/ai-foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic + URL: https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic Hentet: 2026-02 Innhold: Kontekstvindu, max output tokens, treningsdata, versjonsoversikt, tilgjengelighetskrav 3. **Provisioned throughput unit (PTU) costs and billing** - URL: https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding?view=foundry-classic + URL: https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput-billing?view=foundry-classic Hentet: 2026-02 Innhold: PTU-kapasitet per modell (TPM/PTU), min deployment, latens-SLA, input/output-ratio (1:4 for gpt-4.1, 1:8 for gpt-5) @@ -556,7 +556,7 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable Innhold: Priseksempler med gpt-4.1 Global ($2/$8) og gpt-4.1-mini Global ($0.40/$1.60) bekreftet 5. **Azure OpenAI in Microsoft Foundry Models quotas and limits** - URL: https://learn.microsoft.com/azure/ai-foundry/openai/quotas-limits?view=foundry-classic + URL: https://learn.microsoft.com/azure/foundry/openai/quotas-limits?view=foundry-classic Hentet: 2026-02 Innhold: GPT-5- og GPT-4.1-seriens kvotestruktur, usage tiers, deployment-typer @@ -566,12 +566,12 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable Innhold: Copilot Credits-klassifisering (Basic/Standard/Premium) per modell, tilgjengelige modeller 7. **Cost management for fine-tuning** - URL: https://learn.microsoft.com/azure/ai-foundry/openai/how-to/fine-tuning-cost-management?view=foundry-classic + URL: https://learn.microsoft.com/azure/foundry/openai/how-to/fine-tuning-cost-management?view=foundry-classic Hentet: 2026-02 Innhold: Fine-tuning kostnad, hosting $1.70/time (o4-mini eksempel) 8. **Plan and manage costs for Microsoft Foundry** - URL: https://learn.microsoft.com/azure/ai-foundry/concepts/manage-costs?view=foundry-classic + URL: https://learn.microsoft.com/azure/foundry/concepts/manage-costs?view=foundry-classic Hentet: 2026-02 Innhold: Billing-modell, token-basert prising, 1K-token enheter diff --git a/skills/ms-ai-security/references/cost-optimization/inference-endpoint-cost-optimization.md b/skills/ms-ai-security/references/cost-optimization/inference-endpoint-cost-optimization.md index e774cf0..d0de866 100644 --- a/skills/ms-ai-security/references/cost-optimization/inference-endpoint-cost-optimization.md +++ b/skills/ms-ai-security/references/cost-optimization/inference-endpoint-cost-optimization.md @@ -571,9 +571,9 @@ Hvis inference-kostnad per prediction >10% av business value per prediction, er - [Plan to manage costs for Azure Machine Learning](https://learn.microsoft.com/en-us/azure/machine-learning/concept-plan-manage-cost?view=azureml-api-2) — **Verified** **Serverless API Endpoints:** -- [Deploy models as serverless API deployments (AI Foundry Portal)](https://learn.microsoft.com/en-us/azure/ai-foundry/how-to/deploy-models-serverless?view=foundry-classic) — **Verified** -- [Plan and manage costs for Microsoft Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/concepts/manage-costs?view=foundry-classic) — **Verified** -- [Plan to manage costs for Azure OpenAI in Azure AI Foundry Models](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs) — **Verified** +- [Deploy models as serverless API deployments (AI Foundry Portal)](https://learn.microsoft.com/en-us/azure/foundry-classic/how-to/deploy-models-serverless?view=foundry-classic) — **Verified** +- [Plan and manage costs for Microsoft Foundry](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs?view=foundry-classic) — **Verified** +- [Plan to manage costs for Azure OpenAI in Azure AI Foundry Models](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs) — **Verified** **Cost Governance:** - [Govern Azure platform services (PaaS) for AI](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/platform/governance) — **Verified** diff --git a/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md b/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md index 50f4003..9e493a9 100644 --- a/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md +++ b/skills/ms-ai-security/references/cost-optimization/model-selection-price-performance.md @@ -497,32 +497,32 @@ Bruk alltid confidence markers når du anbefaler modeller: ### Primærkilder (Microsoft Learn) 1. **GPT-5 vs GPT-4.1: choosing the right model for your use case** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic + URL: https://learn.microsoft.com/en-us/azure/foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic Hentet: 2026-02 Innhold: Modellsammenligninger, latency trade-offs, reasoning-nivåer 2. **Plan to manage costs for Azure OpenAI in Azure AI Foundry Models** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs + URL: https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs Hentet: 2026-02 Innhold: Billing models, token pricing, cost monitoring 3. **Cost management for fine-tuning** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/fine-tuning-cost-management?view=foundry-classic + URL: https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/fine-tuning-cost-management?view=foundry-classic Hentet: 2026-02 Innhold: Training costs, hosting costs, deployment types 4. **Optimize model cost and performance** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/control-plane/how-to-optimize-cost-performance?view=foundry + URL: https://learn.microsoft.com/en-us/azure/foundry/control-plane/how-to-optimize-cost-performance?view=foundry Hentet: 2026-02 Innhold: Model Router, cost optimization workflows 5. **Azure OpenAI in Azure AI Foundry Models** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models + URL: https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure Hentet: 2026-02 Innhold: Model catalog, capabilities, regional availability 6. **Understanding costs associated with provisioned throughput units (PTU)** - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding + URL: https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput-billing Hentet: 2026-02 Innhold: PTU pricing, throughput per PTU, when to use PTU diff --git a/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md b/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md index aa504d9..5ee6203 100644 --- a/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md +++ b/skills/ms-ai-security/references/cost-optimization/multi-model-strategy-costs.md @@ -638,11 +638,11 @@ az consumption usage list --start-date 2026-02-01 --end-date 2026-02-28 \ ## Kilder og verifisering **Microsoft Learn (MCP-verified):** -1. [Model router for Azure AI Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/model-router) — **Verified** (MCP fetch, 2026-04) +1. [Model router for Azure AI Foundry](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/model-router) — **Verified** (MCP fetch, 2026-04) 2. [Use a gateway in front of multiple Azure OpenAI deployments](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/azure-openai-gateway-multi-backend) — **Verified** (MCP fetch, 2026-04). Dokument bekrefter: (a) credential termination og reestablishment ved gateway anbefales fremfor pass-through client credentials, (b) gateway gir client-based usage tracking og chargeback-støtte, (c) Azure OpenAI er nå tagget som "Foundry Tools / Azure OpenAI in Foundry Models". -3. [Understanding costs associated with provisioned throughput units (PTU)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding) — **Verified** (MCP search, 2026-04) -4. [Azure OpenAI in Azure AI Foundry Models](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models) — **Verified** (MCP search, 2026-04) -5. [GPT-4o vs GPT-4o mini model selection](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/whats-new) — **Verified** (MCP search, 2026-04) +3. [Understanding costs associated with provisioned throughput units (PTU)](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput-billing) — **Verified** (MCP search, 2026-04) +4. [Azure OpenAI in Azure AI Foundry Models](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) — **Verified** (MCP search, 2026-04) +5. [GPT-4o vs GPT-4o mini model selection](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/whats-new) — **Verified** (MCP search, 2026-04) **GitHub samples (MCP-referenced):** 1. [Smart load balancing for Azure OpenAI (Azure API Management)](https://github.com/Azure-Samples/openai-apim-lb) — **Verified** diff --git a/skills/ms-ai-security/references/cost-optimization/prompt-engineering-cost-reduction.md b/skills/ms-ai-security/references/cost-optimization/prompt-engineering-cost-reduction.md index 801ca6d..cbddace 100644 --- a/skills/ms-ai-security/references/cost-optimization/prompt-engineering-cost-reduction.md +++ b/skills/ms-ai-security/references/cost-optimization/prompt-engineering-cost-reduction.md @@ -40,7 +40,7 @@ Prompt caching er en kraftig funksjon for kostnadsreduksjon når du har repetere | **Prisreduksjon** | 50% rabatt (Standard), opptil 100% (Provisioned) | | **Støttede modeller** | GPT-4o, GPT-4o-mini, o1-serien, GPT-4.1-serien, o3-mini | -**Verified (MCP):** [Azure AI Foundry - Prompt Caching](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/prompt-caching) +**Verified (MCP):** [Azure AI Foundry - Prompt Caching](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/prompt-caching) ### Token-effektivitet per dataformat @@ -238,7 +238,7 @@ AI Foundry Model Catalog støtter prompt caching for: - o1-serien og o3-mini - GPT-4.1-serien -**Verified (MCP):** [AI Foundry Models - Prompt Caching](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/prompt-caching) +**Verified (MCP):** [AI Foundry Models - Prompt Caching](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/prompt-caching) ### Copilot Studio @@ -369,11 +369,11 @@ Copilot Studio bruker underliggende Azure OpenAI, men: ### Microsoft Learn (Verified via MCP) -1. [Prompt Caching - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/prompt-caching) – **Verified** -2. [Prompt Engineering Techniques](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/prompt-engineering) – **Verified** +1. [Prompt Caching - Azure AI Foundry](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/prompt-caching) – **Verified** +2. [Prompt Engineering Techniques](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/prompt-engineering) – **Verified** 3. [Azure OpenAI Pricing](https://azure.microsoft.com/pricing/details/cognitive-services/openai-service/) – **Verified** -4. [Manage Costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs) – **Verified** -5. [Token Usage Estimation](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data) – **Verified** +4. [Manage Costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs) – **Verified** +5. [Token Usage Estimation](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data) – **Verified** ### Konfidensnivå per seksjon diff --git a/skills/ms-ai-security/references/cost-optimization/ptu-vs-paygo-economics.md b/skills/ms-ai-security/references/cost-optimization/ptu-vs-paygo-economics.md index 2adcbd3..4328fd5 100644 --- a/skills/ms-ai-security/references/cost-optimization/ptu-vs-paygo-economics.md +++ b/skills/ms-ai-security/references/cost-optimization/ptu-vs-paygo-economics.md @@ -403,23 +403,23 @@ En hybrid tilnærming, der man kombinerer PTU for stabil baseline-traffic og Pay **Microsoft Learn-ressurser (MCP-verified, februar 2026):** 1. **Provisioned Throughput Concepts:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/provisioned-throughput + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput *Confidence: Verified* – Offisiell kilde på PTU-konsepter, deployment types, benefits. 2. **PTU Cost Management:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding + https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput-billing *Confidence: Verified* – Detaljert prisinformasjon, hourly billing, reservations, capacity calculator. 3. **Provisioned Get Started Guide:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-get-started + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/provisioned-get-started *Confidence: Verified* – Deployment workflow, quota vs. capacity, utilization monitoring. 4. **Provisioned Migration (Payment Model Framework):** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/provisioned-migration + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/provisioned-migration *Confidence: Verified* – Commitment vs. Reservation models, coexistence, best practices. 5. **Performance and Latency:** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/latency + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/latency *Confidence: Verified* – Throughput vs. latency, TPM estimation, monitoring metrics. 6. **GenAI Gateway (APIM + PTU Optimization):** @@ -431,11 +431,11 @@ En hybrid tilnærming, der man kombinerer PTU for stabil baseline-traffic og Pay *Confidence: Verified* – Reservation purchase, scope, discounts, management. 8. **Dynamic Quota (Preview):** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/dynamic-quota + https://learn.microsoft.com/en-us/azure/foundry-classic/openai/how-to/dynamic-quota *Confidence: Verified* – PayGo deployment optimization, opportunistic quota increase. 9. **Spillover Traffic Management (Preview):** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/spillover-traffic-management + https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/spillover-traffic-management *Confidence: Verified* – Automatic routing fra PTU til PayGo ved capacity limit. **Code samples (MCP-verified):** diff --git a/skills/ms-ai-security/references/cost-optimization/rag-query-cost-reduction.md b/skills/ms-ai-security/references/cost-optimization/rag-query-cost-reduction.md index 12d9c35..f3703e6 100644 --- a/skills/ms-ai-security/references/cost-optimization/rag-query-cost-reduction.md +++ b/skills/ms-ai-security/references/cost-optimization/rag-query-cost-reduction.md @@ -433,7 +433,7 @@ User → Container App LB → [Azure OpenAI Region 1] **Verified:** 1. [Plan and manage costs of an Azure AI Search service](https://learn.microsoft.com/en-us/azure/search/search-sku-manage-costs) - Comprehensive cost minimization strategies, tier pricing, indexing optimization. -2. [Azure OpenAI On Your Data - Token usage estimation](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data) - Exact token consumption per model, RAG pipeline breakdown, parameter impacts. +2. [Azure OpenAI On Your Data - Token usage estimation](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data) - Exact token consumption per model, RAG pipeline breakdown, parameter impacts. 3. [RAG chunking phase - Understand chunking economics](https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/rag/rag-chunking-phase) - Cache-Aside pattern, cost factors for chunking strategies. 4. [Agentic retrieval in Azure AI Search - Pricing example](https://learn.microsoft.com/en-us/azure/search/agentic-retrieval-overview) - Detailed cost calculation for agentic retrieval with subqueries. 5. [Tips for better performance in Azure AI Search](https://learn.microsoft.com/en-us/azure/search/search-performance-tips) - Query design optimization, search tier switching, cost-performance balance. diff --git a/skills/ms-ai-security/references/cost-optimization/request-batching-aggregation.md b/skills/ms-ai-security/references/cost-optimization/request-batching-aggregation.md index 5bc4580..278702e 100644 --- a/skills/ms-ai-security/references/cost-optimization/request-batching-aggregation.md +++ b/skills/ms-ai-security/references/cost-optimization/request-batching-aggregation.md @@ -493,7 +493,7 @@ Bruk denne matrisen for raskt å avgjøre om batching er riktig: ### Microsoft Learn (Verified via MCP) 1. **Azure OpenAI Batch API:** - - [Getting started with Azure OpenAI batch deployments](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch) — **Verified 2026-02** + - [Getting started with Azure OpenAI batch deployments](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch) — **Verified 2026-02** - Dekker: JSONL input format, Global-Batch deployment, 50% cost reduction, exponential backoff queuing 2. **Microsoft Graph JSON Batching:** @@ -505,7 +505,7 @@ Bruk denne matrisen for raskt å avgjøre om batching er riktig: - Dekker: Asynchronous inferencing, pipeline component deployments, low-priority VMs, scale-to-zero 4. **Code Samples (Python):** - - [Azure OpenAI Batch API - Create batch job](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/batch?pivots=programming-language-python#create-batch-job) — **Verified 2026-02** + - [Azure OpenAI Batch API - Create batch job](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/batch?pivots=programming-language-python#create-batch-job) — **Verified 2026-02** - [Azure Cosmos DB Transactional Batch](https://learn.microsoft.com/en-us/azure/cosmos-db/transactional-batch#how-to-create-a-transactional-batch-operation) — **Baseline (ikke AI-spesifikk, men relevant pattern)** ### Konfidensnivå per Seksjon diff --git a/skills/ms-ai-security/references/cost-optimization/reserved-capacity-planning.md b/skills/ms-ai-security/references/cost-optimization/reserved-capacity-planning.md index 5cc91e8..8ad7527 100644 --- a/skills/ms-ai-security/references/cost-optimization/reserved-capacity-planning.md +++ b/skills/ms-ai-security/references/cost-optimization/reserved-capacity-planning.md @@ -543,11 +543,11 @@ Tilgjengelig i deployment workflow: | Kilde | Type | Last Verified | |-------|------|---------------| | [Save costs with Microsoft Foundry Provisioned Throughput Reservations](https://learn.microsoft.com/en-us/azure/cost-management-billing/reservations/azure-openai) | Offisiell docs | 2026-01 | -| [Understanding costs associated with provisioned throughput units (PTU)](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding) | Offisiell docs | 2026-01 | -| [Azure OpenAI provisioned Managed offering updates](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/provisioned-migration) | Offisiell docs | 2025-08 | +| [Understanding costs associated with provisioned throughput units (PTU)](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput-billing) | Offisiell docs | 2026-01 | +| [Azure OpenAI provisioned Managed offering updates](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/provisioned-migration) | Offisiell docs | 2025-08 | | [Purchase commitment tier pricing](https://learn.microsoft.com/en-us/azure/ai-services/commitment-tier) | Offisiell docs | 2026-01 | -| [What is provisioned throughput?](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/provisioned-throughput) | Offisiell docs | 2026-01 | -| [Azure OpenAI Provisioned Managed Offering in Azure Government](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/gov-provisioned) | Offisiell docs | 2025-05 | +| [What is provisioned throughput?](https://learn.microsoft.com/en-us/azure/foundry/openai/concepts/provisioned-throughput) | Offisiell docs | 2026-01 | +| [Azure OpenAI Provisioned Managed Offering in Azure Government](https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure-gov) | Offisiell docs | 2025-05 | | [View Azure reservation utilization](https://learn.microsoft.com/en-us/azure/cost-management-billing/reservations/reservation-utilization) | Cost Management | 2025-12 | | [How reservation discounts are applied](https://learn.microsoft.com/en-us/azure/cost-management-billing/reservations/reservation-discount-application) | Cost Management | 2025-12 | | [Azure Pricing Calculator](https://azure.microsoft.com/pricing/calculator/) | Pricing tool | Live | diff --git a/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md b/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md index c33927f..78c606f 100644 --- a/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md +++ b/skills/ms-ai-security/references/cost-optimization/small-language-models-economics.md @@ -603,12 +603,12 @@ az webapp create --name webapp-slm-phi4 --resource-group rg-slm-norway --plan pl - Innhold: KAITO deployment, Phi-4-mini på AKS, GPU-krav 5. **Azure OpenAI in Azure AI Foundry Models** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models + - URL: https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure - Confidence: **Verified** - Innhold: GPT-4o, GPT-4o-mini pricing, capabilities 6. **Foundry Models from partners and community (Microsoft)** - - URL: https://learn.microsoft.com/en-us/azure/ai-foundry/foundry-models/concepts/models-from-partners + - URL: https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-from-partners - Confidence: **Verified** - Innhold: Phi-4-mini-instruct, Phi-4-multimodal specs diff --git a/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md b/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md index 38e8df4..0756b9b 100644 --- a/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md +++ b/skills/ms-ai-security/references/cost-optimization/token-counting-optimization.md @@ -570,13 +570,13 @@ def track_token_usage(prompt, completion, model="gpt-4o"): ## Kilder og verifisering **Microsoft Learn Documentation:** -1. [Prompt caching - Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/prompt-caching) -2. [Work with chat completions models - Token management](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/chatgpt#manage-conversations) -3. [Plan and manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs) +1. [Prompt caching - Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/prompt-caching) +2. [Work with chat completions models - Token management](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/chatgpt#manage-conversations) +3. [Plan and manage costs for Azure OpenAI](https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs) 4. [Token counting in AI - Dynamics 365 Business Central](https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/developer/ai-system-app-token-counting) 5. [Use Microsoft.ML.Tokenizers for text tokenization](https://learn.microsoft.com/en-us/dotnet/ai/how-to/use-tokenizers) -6. [Azure OpenAI On Your Data - Token usage estimation](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data) -7. [Cost management for fine-tuning](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/fine-tuning-cost-management) +6. [Azure OpenAI On Your Data - Token usage estimation](https://learn.microsoft.com/en-us/azure/foundry-classic/openai/concepts/use-your-data#token-usage-estimation-for-azure-openai-on-your-data) +7. [Cost management for fine-tuning](https://learn.microsoft.com/en-us/azure/foundry/openai/how-to/fine-tuning-cost-management) **OpenAI Resources:** 8. [OpenAI Cookbook - Token counting](https://github.com/openai/openai-cookbook/blob/main/examples/How_to_format_inputs_to_ChatGPT_models.ipynb) diff --git a/skills/ms-ai-security/references/cost-optimization/vector-storage-cost-optimization.md b/skills/ms-ai-security/references/cost-optimization/vector-storage-cost-optimization.md index 2b1c051..eb27b9b 100644 --- a/skills/ms-ai-security/references/cost-optimization/vector-storage-cost-optimization.md +++ b/skills/ms-ai-security/references/cost-optimization/vector-storage-cost-optimization.md @@ -549,11 +549,11 @@ Hvis vector search brukes som grunnlag for Copilot for Microsoft 365: Confidence: Verified (MCP search results, januar 2026) 6. **Azure OpenAI embeddings models** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/models + https://learn.microsoft.com/en-us/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure Confidence: Verified (MCP search results, januar 2026) 7. **Azure OpenAI cost management** - https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/manage-costs + https://learn.microsoft.com/en-us/azure/foundry/concepts/manage-costs Confidence: Verified (MCP search results, januar 2026) 8. **Storage optimization for vectors** diff --git a/skills/ms-ai-security/references/performance-scalability/async-processing-patterns.md b/skills/ms-ai-security/references/performance-scalability/async-processing-patterns.md index 16f6966..53f32bd 100644 --- a/skills/ms-ai-security/references/performance-scalability/async-processing-patterns.md +++ b/skills/ms-ai-security/references/performance-scalability/async-processing-patterns.md @@ -527,9 +527,9 @@ def publish_ordered_event( ## Referanser -- [Azure OpenAI Batch API](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/batch) — Batch processing -- [Azure OpenAI Responses API — Background tasks](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/responses) — Background mode -- [Azure OpenAI Webhooks](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/webhooks) — Event notifications +- [Azure OpenAI Batch API](https://learn.microsoft.com/azure/foundry/openai/how-to/batch) — Batch processing +- [Azure OpenAI Responses API — Background tasks](https://learn.microsoft.com/azure/foundry/openai/how-to/responses) — Background mode +- [Azure OpenAI Webhooks](https://learn.microsoft.com/azure/foundry/openai/how-to/webhooks) — Event notifications - [Event-driven architecture style](https://learn.microsoft.com/azure/architecture/guide/architecture-styles/event-driven) — Architecture patterns - [Azure Functions on Container Apps](https://learn.microsoft.com/azure/container-apps/functions-unified-platform) — Event-driven compute diff --git a/skills/ms-ai-security/references/performance-scalability/batch-api-usage-optimization.md b/skills/ms-ai-security/references/performance-scalability/batch-api-usage-optimization.md index 00e3ed5..147273a 100644 --- a/skills/ms-ai-security/references/performance-scalability/batch-api-usage-optimization.md +++ b/skills/ms-ai-security/references/performance-scalability/batch-api-usage-optimization.md @@ -206,7 +206,7 @@ with open("large_batch.jsonl", "rb") as data: ) # 2. Konfigurer Azure OpenAI til a bruke Blob Storage -# Se: https://learn.microsoft.com/azure/ai-foundry/openai/how-to/batch-blob-storage +# Se: https://learn.microsoft.com/azure/foundry-classic/openai/how-to/batch-blob-storage ``` ### Filgrenser diff --git a/skills/ms-ai-security/references/performance-scalability/concurrent-request-optimization.md b/skills/ms-ai-security/references/performance-scalability/concurrent-request-optimization.md index 3a246f1..c35157c 100644 --- a/skills/ms-ai-security/references/performance-scalability/concurrent-request-optimization.md +++ b/skills/ms-ai-security/references/performance-scalability/concurrent-request-optimization.md @@ -418,9 +418,9 @@ class FairScheduler: ## Referanser -- [Manage Azure OpenAI quota](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/quota) — RPM/TPM grenser -- [Performance and latency](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/latency) — Concurrent requests og throughput -- [Provisioned throughput](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-get-started) — PTU utilization +- [Manage Azure OpenAI quota](https://learn.microsoft.com/azure/foundry-classic/openai/how-to/quota) — RPM/TPM grenser +- [Performance and latency](https://learn.microsoft.com/azure/foundry/openai/how-to/latency) — Concurrent requests og throughput +- [Provisioned throughput](https://learn.microsoft.com/azure/foundry/openai/how-to/provisioned-get-started) — PTU utilization ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/gpu-compute-sizing.md b/skills/ms-ai-security/references/performance-scalability/gpu-compute-sizing.md index 81033d6..01cd4be 100644 --- a/skills/ms-ai-security/references/performance-scalability/gpu-compute-sizing.md +++ b/skills/ms-ai-security/references/performance-scalability/gpu-compute-sizing.md @@ -419,8 +419,8 @@ ml_client.online_deployments.begin_create_or_update(deployment).result() ## Referanser -- [What is provisioned throughput?](https://learn.microsoft.com/azure/ai-foundry/openai/concepts/provisioned-throughput) — PTU oversikt -- [PTU costs and billing](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding) — PTU-prising per modell +- [What is provisioned throughput?](https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput) — PTU oversikt +- [PTU costs and billing](https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput-billing) — PTU-prising per modell - [Foundry PTU calculator](https://ai.azure.com/resource/calculator) — Kapasitetskalkulator - [GPU optimized VM sizes](https://learn.microsoft.com/azure/virtual-machines/sizes-gpu) — Azure GPU VM-oversikt - [Deploy models in Azure ML](https://learn.microsoft.com/azure/machine-learning/how-to-deploy-online-endpoints) — ML endpoint deployment diff --git a/skills/ms-ai-security/references/performance-scalability/load-testing-ai-services.md b/skills/ms-ai-security/references/performance-scalability/load-testing-ai-services.md index 763a2bc..c8776e0 100644 --- a/skills/ms-ai-security/references/performance-scalability/load-testing-ai-services.md +++ b/skills/ms-ai-security/references/performance-scalability/load-testing-ai-services.md @@ -416,10 +416,10 @@ azure-openai-benchmark \ ## Referanser -- [Run a benchmark](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-get-started#run-a-benchmark) — Azure OpenAI benchmarking guide +- [Run a benchmark](https://learn.microsoft.com/azure/foundry/openai/how-to/provisioned-get-started#run-a-benchmark) — Azure OpenAI benchmarking guide - [Azure OpenAI Benchmark Tool](https://github.com/Azure/azure-openai-benchmark) — Offisielt CLI-verktøy - [Azure Load Testing overview](https://learn.microsoft.com/azure/load-testing/overview-what-is-azure-load-testing) — Managed lasttesting -- [Performance and latency](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/latency) — Throughput vs latency forklaring +- [Performance and latency](https://learn.microsoft.com/azure/foundry/openai/how-to/latency) — Throughput vs latency forklaring - [Capacity planning](https://learn.microsoft.com/azure/well-architected/performance-efficiency/capacity-planning) — WAF kapasitetsplanlegging ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/model-distillation-performance.md b/skills/ms-ai-security/references/performance-scalability/model-distillation-performance.md index 917a1c4..e3cb6da 100644 --- a/skills/ms-ai-security/references/performance-scalability/model-distillation-performance.md +++ b/skills/ms-ai-security/references/performance-scalability/model-distillation-performance.md @@ -428,9 +428,9 @@ def route_to_model(user_input: str) -> str: ## Referanser -- [Azure OpenAI stored completions & distillation](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/stored-completions) — Distillation workflow -- [Fine-tuning considerations](https://learn.microsoft.com/azure/ai-foundry/openai/concepts/fine-tuning-considerations) — Når fine-tuning er riktig -- [Customize a model with fine-tuning](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/fine-tuning) — Fine-tuning guide +- [Azure OpenAI stored completions & distillation](https://learn.microsoft.com/azure/foundry-classic/openai/how-to/stored-completions) — Distillation workflow +- [Fine-tuning considerations](https://learn.microsoft.com/azure/foundry/openai/concepts/fine-tuning-considerations) — Når fine-tuning er riktig +- [Customize a model with fine-tuning](https://learn.microsoft.com/azure/foundry/openai/how-to/fine-tuning) — Fine-tuning guide - [Choose the right AI model](https://learn.microsoft.com/azure/architecture/ai-ml/guide/choose-ai-model) — Modellvalg-guide ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/performance-benchmarking-frameworks.md b/skills/ms-ai-security/references/performance-scalability/performance-benchmarking-frameworks.md index 8258c29..164b156 100644 --- a/skills/ms-ai-security/references/performance-scalability/performance-benchmarking-frameworks.md +++ b/skills/ms-ai-security/references/performance-scalability/performance-benchmarking-frameworks.md @@ -536,9 +536,9 @@ async def ci_benchmark_gate( - [Azure OpenAI Benchmark Tool](https://github.com/Azure/azure-openai-benchmark) — Offisielt CLI-verktøy - [Azure Load Testing](https://learn.microsoft.com/azure/load-testing/overview-what-is-azure-load-testing) — Managed lasttesting -- [Performance and latency](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/latency) — Ytelseskonsepter -- [Evaluate generative AI models](https://learn.microsoft.com/azure/ai-foundry/how-to/evaluate-generative-ai-app) — Kvalitetsevaluering -- [Azure Monitor metrics](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/monitor-openai) — Azure OpenAI monitoring +- [Performance and latency](https://learn.microsoft.com/azure/foundry/openai/how-to/latency) — Ytelseskonsepter +- [Evaluate generative AI models](https://learn.microsoft.com/azure/foundry/how-to/evaluate-generative-ai-app) — Kvalitetsevaluering +- [Azure Monitor metrics](https://learn.microsoft.com/azure/foundry-classic/openai/how-to/monitor-openai) — Azure OpenAI monitoring ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/prompt-caching-performance.md b/skills/ms-ai-security/references/performance-scalability/prompt-caching-performance.md index 3a4a664..a699889 100644 --- a/skills/ms-ai-security/references/performance-scalability/prompt-caching-performance.md +++ b/skills/ms-ai-security/references/performance-scalability/prompt-caching-performance.md @@ -360,8 +360,8 @@ class CacheAwarePromptManager: ## Referanser -- [Prompt caching](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/prompt-caching) — Offisiell guide -- [Provisioned throughput](https://learn.microsoft.com/azure/ai-foundry/openai/concepts/provisioned-throughput) — PTU caching-fordeler +- [Prompt caching](https://learn.microsoft.com/azure/foundry/openai/how-to/prompt-caching) — Offisiell guide +- [Provisioned throughput](https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput) — PTU caching-fordeler - [Semantic cache with Cosmos DB](https://learn.microsoft.com/azure/cosmos-db/gen-ai/semantic-cache) — Ekstern caching - [Application design for AI workloads](https://learn.microsoft.com/azure/well-architected/ai/application-design) — Multi-layer caching diff --git a/skills/ms-ai-security/references/performance-scalability/rate-limit-management.md b/skills/ms-ai-security/references/performance-scalability/rate-limit-management.md index 0c0dada..b3f246b 100644 --- a/skills/ms-ai-security/references/performance-scalability/rate-limit-management.md +++ b/skills/ms-ai-security/references/performance-scalability/rate-limit-management.md @@ -474,9 +474,9 @@ Microsoft dokumenterer multi-backend gateway som den anbefalte arkitekturmønste ## Referanser -- [Manage Azure OpenAI quota](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/quota) — Kvotehåndtering -- [Azure OpenAI quotas and limits](https://learn.microsoft.com/azure/ai-foundry/openai/quotas-limits) — Grenser per modell -- [Azure OpenAI SDK retry handling](https://learn.microsoft.com/azure/ai-foundry/openai/supported-languages) — SDK retry-konfigurasjon +- [Manage Azure OpenAI quota](https://learn.microsoft.com/azure/foundry-classic/openai/how-to/quota) — Kvotehåndtering +- [Azure OpenAI quotas and limits](https://learn.microsoft.com/azure/foundry/openai/quotas-limits) — Grenser per modell +- [Azure OpenAI SDK retry handling](https://learn.microsoft.com/azure/foundry/openai/supported-languages) — SDK retry-konfigurasjon - [Use a gateway in front of multiple Azure OpenAI deployments or instances](https://learn.microsoft.com/azure/architecture/ai-ml/guide/azure-openai-gateway-multi-backend) — Multi-region gateway (Azure OpenAI i Foundry Models) — Verified (MCP 2026-04) ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/regional-deployment-latency.md b/skills/ms-ai-security/references/performance-scalability/regional-deployment-latency.md index 6839a39..6cc4017 100644 --- a/skills/ms-ai-security/references/performance-scalability/regional-deployment-latency.md +++ b/skills/ms-ai-security/references/performance-scalability/regional-deployment-latency.md @@ -399,7 +399,7 @@ Microsoft dokumenterer nå fire formelle topologier for Azure OpenAI gateway: - [Use a gateway in front of multiple Azure OpenAI deployments or instances](https://learn.microsoft.com/azure/architecture/ai-ml/guide/azure-openai-gateway-multi-backend) — Multi-region patterns (Azure OpenAI i Foundry Models) — Verified (MCP 2026-04) - [Azure Front Door](https://learn.microsoft.com/azure/frontdoor/front-door-overview) — Global load balancing - [APIM multi-region deployment](https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region) — Regional gateway -- [Azure OpenAI deployment types](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/deployment-types) — Global vs Regional +- [Azure OpenAI deployment types](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/deployment-types) — Global vs Regional - [AI Ready — Establish AI reliability](https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/ai/ready) — Multi-region best practices ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/response-chunking-strategies.md b/skills/ms-ai-security/references/performance-scalability/response-chunking-strategies.md index 7a4ccd0..8f23e95 100644 --- a/skills/ms-ai-security/references/performance-scalability/response-chunking-strategies.md +++ b/skills/ms-ai-security/references/performance-scalability/response-chunking-strategies.md @@ -464,7 +464,7 @@ class ResilientStreamProcessor: ## Referanser -- [Azure OpenAI streaming](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/responses) — Streaming API +- [Azure OpenAI streaming](https://learn.microsoft.com/azure/foundry/openai/how-to/responses) — Streaming API - [Server-Sent Events with Application Gateway](https://learn.microsoft.com/azure/application-gateway/use-server-sent-events) — SSE proxy - [API Management SSE configuration](https://learn.microsoft.com/azure/api-management/how-to-server-sent-events) — APIM SSE - [Server-Sent Events with App Gateway for Containers](https://learn.microsoft.com/azure/application-gateway/for-containers/server-sent-events) — Container SSE diff --git a/skills/ms-ai-security/references/performance-scalability/throughput-optimization-strategies.md b/skills/ms-ai-security/references/performance-scalability/throughput-optimization-strategies.md index 6100e65..25bcfc5 100644 --- a/skills/ms-ai-security/references/performance-scalability/throughput-optimization-strategies.md +++ b/skills/ms-ai-security/references/performance-scalability/throughput-optimization-strategies.md @@ -433,9 +433,9 @@ def submit_batch(client: AzureOpenAI, filename: str): ## Referanser -- [Performance and latency](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/latency) — Azure OpenAI latency og throughput -- [Azure OpenAI Batch API](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/batch) — Batch processing guide -- [Provisioned throughput onboarding](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding) — PTU sizing og kostnader +- [Performance and latency](https://learn.microsoft.com/azure/foundry/openai/how-to/latency) — Azure OpenAI latency og throughput +- [Azure OpenAI Batch API](https://learn.microsoft.com/azure/foundry/openai/how-to/batch) — Batch processing guide +- [Provisioned throughput onboarding](https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput-billing) — PTU sizing og kostnader - [Azure OpenAI Benchmark Tool](https://github.com/Azure/azure-openai-benchmark) — Offisielt benchmarking-verktøy ## For Cosmo diff --git a/skills/ms-ai-security/references/performance-scalability/token-per-second-optimization.md b/skills/ms-ai-security/references/performance-scalability/token-per-second-optimization.md index 1978115..e6a174d 100644 --- a/skills/ms-ai-security/references/performance-scalability/token-per-second-optimization.md +++ b/skills/ms-ai-security/references/performance-scalability/token-per-second-optimization.md @@ -328,10 +328,10 @@ print(f"Rejected predictions: {usage.rejected_prediction_tokens}") ## Referanser -- [Performance and latency](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/latency) — TPS og throughput forklaring -- [Provisioned throughput onboarding](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/provisioned-throughput-onboarding) — PTU TPS-mål per modell -- [Prompt caching](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/prompt-caching) — Cache-basert TPS-forbedring -- [Predicted outputs](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/predicted-outputs) — Spekulativ generering +- [Performance and latency](https://learn.microsoft.com/azure/foundry/openai/how-to/latency) — TPS og throughput forklaring +- [Provisioned throughput onboarding](https://learn.microsoft.com/azure/foundry/openai/concepts/provisioned-throughput-billing) — PTU TPS-mål per modell +- [Prompt caching](https://learn.microsoft.com/azure/foundry/openai/how-to/prompt-caching) — Cache-basert TPS-forbedring +- [Predicted outputs](https://learn.microsoft.com/azure/foundry/openai/how-to/predicted-outputs) — Spekulativ generering - [Foundry PTU calculator](https://ai.azure.com/resource/calculator) — Kapasitetskalkulator ## For Cosmo From c0e23a786ee219a30953cf5d3f4b7ccd885dc314 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 14:16:49 +0200 Subject: [PATCH 008/309] =?UTF-8?q?fix(ms-ai-architect):=20verifiser=20OWA?= =?UTF-8?q?SP=20Agentic=202026=20tittel-ordlyd=20mot=20prim=C3=A6rkilde=20?= =?UTF-8?q?(release-gate)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Release-gaten før v1.16.0: bekreftet eksakt engelsk tittel-ordlyd for ASI01–ASI10 mot OWASP GenAI Security Projects offisielle publisering på genai.owasp.org (9. desember 2025), hentet direkte to ganger uavhengig. Sekundærkilde-spriket som ros-ai-threat-library.md:541 advarte mot er nå løst mot primærkilden. Fire titler var feil (KB fulgte aggregator-varianter, ikke offisiell tekst): - ASI02: «Tool Misuse & Exploitation» → «Tool Misuse» - ASI03: «Agent Identity & Privilege Abuse» → «Identity & Privilege Abuse» - ASI04: «Agentic Supply Chain Compromise» → «Agentic Supply Chain Vulnerabilities» - ASI08: «Cascading Agent Failures» → «Cascading Failures» Rettet i alle 6 forekomster (hovedtabell + inline OWASP Agentic-mappingrader 579/597). Kildemerknad (:541) oppdatert: hedge om uverifisert ordlyd erstattet med eksplisitt primærkilde-referanse + hvilke sekundærvarianter som florerer. Notasjon (:2026): uendret. Offisiell blogg bruker ASIxx uten årstall, men KB bruker konsekvent :ÅRSTALL for OWASP-IDer (jf. LLM05:2025) — intern konsistens beholdt, flagget separat for normaliserings-beslutning. Verifisert: validate-plugin.sh 219 PASS. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../ros-ai-threat-library.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md index 6fc72ad..c25698f 100644 --- a/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md +++ b/skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md @@ -538,18 +538,18 @@ Truslene er ment som et deterministisk utgangspunkt: standard sannsynlighet og k OWASP Gen AI Security Project publiserte **OWASP Top 10 for Agentic Applications 2026** (versjon for 2026, publisert 9. desember 2025) som et eget rammeverk for agent-spesifikke risikoer, til forskjell fra OWASP LLM Top 10 som dekker LLM-applikasjoner generelt. For agentbaserte AI-systemer (Azure AI Foundry-agenter, Copilot Studio autonome agenter, Power Automate agentflows) skal ROS-analysen vurdere disse ti kategoriene i tillegg til OWASP LLM Top 10. -> **Merknad om kilde:** Kategori-ID-ene (ASI01–ASI10) er verifisert mot flere uavhengige kilder. Den eksakte engelske tittel-ordlyden varierer noe mellom sekundærkilder (genai.owasp.org publiserer den autoritative listen i et nedlastbart dokument); ID-ene og kjernebegrepene under er konsistente på tvers av kilder. +> **Merknad om kilde:** Tittel-ordlyden under er verifisert ordrett mot OWASP GenAI Security Projects offisielle publisering på genai.owasp.org (publisert 9. desember 2025). Sekundærkilder (aggregatorer og leverandørblogger) gjengir flere kategorier inkonsistent — særlig ASI02 (gjengis ofte «...& Exploitation»), ASI04 («...Compromise» i stedet for «...Vulnerabilities») og ASI08 («Cascading Agent Failures»); ordlyden her følger den offisielle teksten. | ID | Kategori (engelsk) | Kort beskrivelse | Relaterte trusler i dette biblioteket | |----|--------------------|------------------|----------------------------------------| | **ASI01** | Agent Goal Hijack | Angriper manipulerer agentens mål/beslutningsvei, ofte via indirekte input (dokumenter, eksterne datakilder) | T-INP-02, T-AGT-01, T-AGT-06 | -| **ASI02** | Tool Misuse & Exploitation | Agenten bruker legitime verktøy på usikre måter (parameter-forgiftning, tool chain-manipulasjon, misbruk av tildelte tillatelser) | T-AGT-01, T-OUT-05, T-AGT-03 | -| **ASI03** | Agent Identity & Privilege Abuse | Misbruk av agentens identitet og rettigheter; for brede privilegier | T-DAT-05, T-AGT-01, T-AGT-07 | -| **ASI04** | Agentic Supply Chain Compromise | Kompromittering av agentens forsyningskjede (plugins, MCP, connectors, modeller) | T-SUP-04, T-SUP-06, T-SUP-01 | +| **ASI02** | Tool Misuse | Agenten bruker legitime verktøy på usikre måter (parameter-forgiftning, tool chain-manipulasjon, misbruk av tildelte tillatelser) | T-AGT-01, T-OUT-05, T-AGT-03 | +| **ASI03** | Identity & Privilege Abuse | Misbruk av agentens identitet og rettigheter; for brede privilegier | T-DAT-05, T-AGT-01, T-AGT-07 | +| **ASI04** | Agentic Supply Chain Vulnerabilities | Kompromittering av agentens forsyningskjede (plugins, MCP, connectors, modeller) | T-SUP-04, T-SUP-06, T-SUP-01 | | **ASI05** | Unexpected Code Execution | Uventet/uautorisert kodekjøring via agentens verktøy eller miljø | T-SUP-02, T-AGT-01 | | **ASI06** | Memory & Context Poisoning | Forgiftning av agentens minne eller kontekst over tid | T-DAT-06, T-INP-04, T-DAT-01 | | **ASI07** | Insecure Inter-Agent Communication | Usikker kommunikasjon mellom agenter (A2A-protokoll, message queue) | T-AGT-02 | -| **ASI08** | Cascading Agent Failures | Kaskadefeil som propagerer gjennom en agentkjede | T-AGT-02, T-AGT-04 | +| **ASI08** | Cascading Failures | Kaskadefeil som propagerer gjennom en agentkjede | T-AGT-02, T-AGT-04 | | **ASI09** | Human-Agent Trust Exploitation | Utnyttelse av menneskets tillit til agenten | T-DAT-03, T-AGT-07 | | **ASI10** | Rogue Agents | Agenter som opererer utenfor mandat / shadow AI / scheming | T-AGT-06, T-AGT-07 | @@ -576,7 +576,7 @@ Trusler i biblioteket som har en agentrelevant ASI-mapping er merket med raden * | **Plattformrelevans** | Azure AI Foundry (agenter), Copilot Studio (actions), Power Automate (agentflows) | | **Microsoft-kontroll** | Minste privilegium for agent tool-tilgang, human-in-the-loop for irreversible actions, Azure AI Foundry agent execution policies, konfigurasjonskontroll for tillatte tool-kall | | **OWASP LLM** | LLM06:2025 — Excessive Agency | -| **OWASP Agentic** | ASI02:2026 — Tool Misuse & Exploitation, ASI03:2026 — Agent Identity & Privilege Abuse | +| **OWASP Agentic** | ASI02:2026 — Tool Misuse, ASI03:2026 — Identity & Privilege Abuse | | **MITRE ATLAS** | AML.T0051 | --- @@ -594,7 +594,7 @@ Trusler i biblioteket som har en agentrelevant ASI-mapping er merket med raden * | **Plattformrelevans** | Azure AI Foundry (multi-agent), Copilot Studio (agentorkestrering) | | **Microsoft-kontroll** | Agent identity-validering mellom noder, output-validering mellom agentlag, signert agent-til-agent-kommunikasjon (Entra Agent ID), input-sanitering i orchestratoragent | | **OWASP LLM** | LLM06:2025, LLM01:2025 | -| **OWASP Agentic** | ASI07:2026 — Insecure Inter-Agent Communication, ASI08:2026 — Cascading Agent Failures | +| **OWASP Agentic** | ASI07:2026 — Insecure Inter-Agent Communication, ASI08:2026 — Cascading Failures | | **MITRE ATLAS** | AML.T0051.001 | --- From 8f9fe8b8941e7a9164c9f31bfc4f6873c989803e Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 14:29:35 +0200 Subject: [PATCH 009/309] fix(ms-ai-architect): korriger GPT-5-datasuverenitet i Norway East (task #5 del 2/3, B-kjerne) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit-hypotesen («GPT-5 data-resident via Regional PTU/Data-Zone der streng residens kreves») er MOTBEVIST mot live Microsoft Learn (hentet 4 doc-sider, 2026-06-18). GPT-5 har INGEN regional/PTU-deployment i Norway East — kan ikke gjøres Norge-resident. Hadde planen blitt fulgt blindt, ville en falsk compliance-påstand blitt skrevet inn i KB. STATEs verifiseringsplikt-advarsel fanget dette. Verifisert matrise (GPT-5 × Norway East × deployment-type): - Standard (regional) / Regional Provisioned (= Norge-residens): INGEN GPT-5-variant - Data Zone Standard (= EU-residens): kun gpt-5.5; ikke 5/mini/nano/5.1/5.2 - Data Zone Provisioned: norwayeast finnes ikke som region - Global Standard (global): gpt-5/mini/nano/5.1/5.2 (ikke 5.5) - Global Provisioned (global): gpt-5/mini/5.1/5.2/5.5 KB-ens nåværende forsiktighet («data kan forlate Norway East») var altså RIKTIG for de deployment-typene som finnes. De reelle gapene var: 1. Manglende Data Zone-mellomtier (gpt-5.5 = EU-residens) 2. Upresist «kun via Agent Service» (er Global Standard + Global Provisioned) 3. Falsk implisert «GPT-5 + Regional PTU Norway East»-prising Endringer (3 filer): - model-catalog-2026.md: regional-tabell (GPT-5-celler), nordisk oppsummering (fjernet «(regional PTU)»-merkelapp), beslutningstre (tre-tier residens: Norge/EU-sone/global), hurtigguide (+ EU-residens-rad), Norway East-råd. - azure-ai-foundry.md: Norway East-modellliste + Norway East-råd (GPT-5-residens). - gpt5-gpt41-pricing-models.md: fjernet falsk «Norway East Regional ~10-20%» for gpt-5; modelltilgjengelighet-merknad på offentlig-sektor-tabellen. For streng Norge-residens forblir svaret gpt-4.1/o3/o4-mini/gpt-4o — IKKE GPT-5. Kilder: learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure-region-availability + .../azure/ai-foundry/openai/how-to/deployment-types Verifisert: validate-plugin.sh 219 PASS, test-kb-integrity.sh 117/117. Scope: tilgjengelighetstabell-utvidelse (gpt-5.2/5.5-rader, kolonner) utsatt til del 3/3. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../references/platforms/azure-ai-foundry.md | 2 ++ .../platforms/model-catalog-2026.md | 34 +++++++++++-------- .../gpt5-gpt41-pricing-models.md | 4 ++- 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md b/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md index addeb6a..71b134d 100644 --- a/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md +++ b/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md @@ -280,6 +280,7 @@ Tilgjengelig i: **Norway East:** - God dekning — bredere enn tidligere dokumentert - Azure OpenAI: GPT-4o, GPT-4.1-serien, o3, o4-mini, o3-mini, o1 +- GPT-5-familien: **kun Global Standard/Provisioned** i Norway East (ikke regional — data prosesseres globalt). gpt-5.5 også via Data Zone Standard (EU-residens). Ingen GPT-5-variant er Norge-resident - DeepSeek-R1, DeepSeek-V3-0324, DeepSeek-R1-0528 (Foundry Models) - Grok-4, Llama-modeller - Foundry Agent Service (GA) @@ -356,6 +357,7 @@ Microsoft.CognitiveServices/account (kind: AIServices) - Deep Research er **bedre egnet for Norway East** enn Sweden Central (ett av kun to regioner) - Computer-Use krever deployment til Sweden Central eller East US 2 - GPT-4.1 og DeepSeek-modeller er fullt tilgjengelig +- GPT-5 i Norway East er kun global (Global Standard/Provisioned) — for streng Norge-residens velg gpt-4.1/o3/o4-mini/gpt-4o; for EU-residens med GPT-5, bruk gpt-5.5 via Data Zone Standard ### Spørsmål å stille kunden - "Trenger dere å sammenligne ulike AI-modeller, eller er GPT tilstrekkelig?" diff --git a/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md b/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md index 85516ff..da33d9a 100644 --- a/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md +++ b/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md @@ -269,10 +269,10 @@ Ved bruk av fine-tuned modeller: | `gpt-4o` (2024-08-06) | Ja | | `gpt-4o` (2024-11-20) | Ja | | `gpt-4o-mini` | Ja | -| `gpt-5` (2025-08-07) | Via Foundry Agent Service / Global Standard | -| `gpt-5-mini` (2025-08-07) | Via Foundry Agent Service / Global Standard | -| `gpt-5-nano` (2025-08-07) | Via Global Standard | -| `gpt-5.1` (2025-11-13) | Via Foundry Agent Service | +| `gpt-5` (2025-08-07) | Ikke regional — kun Global Standard/Provisioned (data forlater Norge) | +| `gpt-5-mini` (2025-08-07) | Ikke regional — kun Global Standard/Provisioned (data forlater Norge) | +| `gpt-5-nano` (2025-08-07) | Ikke regional — kun Global Standard (data forlater Norge) | +| `gpt-5.1` (2025-11-13) | Ikke regional — kun Global Standard/Provisioned (data forlater Norge) | | `o3-deep-research` | Ja (ett av kun to regioner globalt) | | `computer-use-preview` | Nei — kun East US 2, Sweden Central, South India | | `sora` (video) | Nei — kun East US 2, Sweden Central | @@ -307,7 +307,7 @@ Full dekning av GPT-5, GPT-4.1, o-serien, DeepSeek-modeller og alle Foundry Mode | Feature | Norway East | Sweden Central | West Europe | |---------|------------|----------------|-------------| | GPT-4.1-serien | Ja | Ja | Ja | -| GPT-5 (regional PTU) | Via Global std/Agent Service | Ja | Ja | +| GPT-5 | Kun Global (ikke regional) | Ja | Ja | | o3, o4-mini | Ja | Ja | Ja | | DeepSeek (alle) | Ja | Ja | Ja | | Llama 3.3-70B | Ja | Ja | Ja | @@ -334,15 +334,19 @@ Er oppgaven kompleks (reasoning, kode, analyse)? └── Kode-spesifikk → gpt-5-codex / codex-mini Har kunden Norway East-krav (dataresidens)? -├── Ja → GPT-4.1-serien, o3, o4-mini (full støtte) -│ DeepSeek (Global Standard — data kan rutes globalt, vurder nøye) -│ GPT-5 → kun via Global Standard/Agent Service (data kan forlate Norway East) -└── Nei → vurder Sweden Central for full feature coverage +├── Ja, STRENGT (data må forbli i Norge) → Standard/Regional Provisioned i Norway East +│ Velg: gpt-4.1-serien, o3, o4-mini, gpt-4o — bekreftet regional i Norway East +│ INGEN GPT-5-variant er regional i Norway East (kan ikke gjøres Norge-resident) +├── Ja, men EU-sone-residens er akseptabelt (data innen EU, ikke garantert Norge) +│ → gpt-5.5 via Data Zone Standard i Norway East (eneste GPT-5 med EU-residens) +│ DeepSeek/øvrige har ingen Data Zone i Norway East → Global Standard (data globalt) +└── Nei (global prosessering OK) → hele GPT-5-familien via Global Standard/Provisioned, + eller vurder Sweden Central for full feature coverage Er kunden offentlig sektor (Schrems II / GDPR)? -├── Ja, strenge krav → Regional Provisioned i Norway East -│ Velg: gpt-4.1, o3, o4-mini — bekreftet regional PTU -│ Unngå: Global Standard deployment (data rutes globalt) +├── Ja, strenge krav → Standard/Regional Provisioned i Norway East +│ Velg: gpt-4.1, o3, o4-mini, gpt-4o — data forblir i Norge +│ Unngå: Global Standard/Provisioned (data rutes globalt) — gjelder hele GPT-5-familien └── Nei → Global Standard er akseptabelt Trenger kunden open-source/selvhostet-alternativ? @@ -364,7 +368,8 @@ Trenger kunden open-source/selvhostet-alternativ? | On-device / edge / offline | Phi-4-mini-instruct (Foundry Local) | Kjører lokalt, ingen sky | | Open-source med reasoning | DeepSeek-R1 / MAI-DS-R1 | Åpen kildekode, sterk reasoning | | Sammenligning av alternativer | Model Router | Automatisk routing, opp til 60% kostnadsbesparelse | -| DPIA-kritisk (data forblir i Norge) | gpt-4.1/o3 + Regional PTU Norway East | Garantert dataresidens | +| DPIA-kritisk (data forblir i Norge) | gpt-4.1/o3 + Regional PTU Norway East | Garantert dataresidens (ingen GPT-5 mulig her) | +| EU-residens OK, vil ha GPT-5 | gpt-5.5 + Data Zone Standard Norway East | Data forblir i EU (ikke garantert Norge) | ### Spørsmål å stille kunden @@ -380,7 +385,8 @@ Trenger kunden open-source/selvhostet-alternativ? - **Bruk Regional PTU** for produksjonskritiske workloads med dataresidensbehov - **gpt-4.1-serien** er primærvalget — full regional PTU, lav latens - **o3 og o4-mini** er tilgjengelig med regional PTU i Norway East -- **GPT-5** er tilgjengelig via Foundry Agent Service og Global Standard, men data kan rutes utenfor Norway East — vurder nøye for sensitive data +- **GPT-5-familien er IKKE regional i Norway East** — gpt-5/mini/nano/5.1/5.2 kjører kun på Global Standard/Provisioned (data kan prosesseres globalt). Ingen GPT-5-variant kan gjøres Norge-resident; for streng Norge-residens, velg gpt-4.1/o3/o4-mini/gpt-4o +- **gpt-5.5 er unntaket for EU-residens** — tilgjengelig via Data Zone Standard i Norway East (data forblir innen EU, ikke garantert Norge); eneste GPT-5-variant med residens-tier bedre enn global - **Deep Research** (`o3-deep-research`) er tilgjengelig i Norway East — ett av kun to regioner globalt - **DeepSeek** bruker Global Standard (alle regioner) — ikke egnet for strenge dataresidens-krav diff --git a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md index 08f4c80..c3ea7f1 100644 --- a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md +++ b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md @@ -377,6 +377,8 @@ Norsk offentlig sektor: - Testing og utvikling: **Global Standard** - Høyvolum stabile workloads: Vurder **PTU i Norway East** for latens-SLA + forutsigbar kostnad +> **Modelltilgjengelighet (viktig):** Tabellen over gjelder deployment-typer generelt. GPT-5-familien finnes **ikke** som Regional/PTU i Norway East (verifisert juni 2026) — for personopplysninger som krever Norge-residens, velg gpt-4.1/o3/o4-mini/gpt-4o. Eneste GPT-5 med EU-residens er **gpt-5.5 via Data Zone Standard** (EU-sone, ikke Norge-garantert). + ### TCO-estimat for offentlig AI-prosjekt med GPT-4.1 | Kostnadselement | Estimat (50K forespørsler/mnd) | Optimalisering | @@ -508,7 +510,7 @@ GPT-4o mini og GPT-4o brukes fortsatt i US Government regions (offer comparable **A:** Nei. GPT-5 er bedre for dyp resonnering. For sanntids-chatbots, høyvolum-RAG og enkle oppgaver er GPT-4.1 raskere og tilstrekkelig god. Merk at base-token-kosten nå er omtrent lik (gpt-5 $1.25/$10.00 vs gpt-4.1 $2.00/$8.00) — det reelle skillet er latens og at gpt-5 *-reasoning* genererer ekstra resonnerings-tokens (fakturert som output). Start med GPT-4.1 for enkle oppgaver; velg GPT-5 når resonnering faktisk trengs. **Q: "Hva koster GPT-5 i Norge?"** -**A:** gpt-5 flagship koster $1.25 per 1M input-tokens og $10.00 per 1M output-tokens (Global Standard, verifisert juni 2026). Cached input $0.125. Norway East Regional legger typisk ~10–20% på toppen. gpt-5-mini $0.25/$2.00, gpt-5-nano $0.05/$0.40. Kryssjekk alltid Azure prisside for din region og deployment-type. +**A:** gpt-5 flagship koster $1.25 per 1M input-tokens og $10.00 per 1M output-tokens (Global Standard, verifisert juni 2026). Cached input $0.125. gpt-5-mini $0.25/$2.00, gpt-5-nano $0.05/$0.40. NB om residens: GPT-5 finnes **ikke** som regional deployment i Norway East — kun Global Standard/Provisioned (data prosesseres globalt). gpt-5.5 finnes via Data Zone Standard i Norway East (EU-residens); Data Zone-priser ligger typisk over Global Standard. Kryssjekk alltid Azure prisside for din region og deployment-type. **Q: "Skal vi bruke gpt-4.1-mini eller gpt-4.1 i Copilot Studio?"** **A:** Start med gpt-4.1-mini (Basic rate, laveste Credits-forbruk). Bytt til gpt-4.1 kun for oppgaver som krever mer kompleks resonnering eller høyere kvalitet — test og mål først. From 89dce4ab7d5d8033729cb3a00c16e606d5b91872 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 15:32:25 +0200 Subject: [PATCH 010/309] =?UTF-8?q?fix(ms-ai-architect):=20korriger=20Norw?= =?UTF-8?q?ay=20East-dataresidens=20+=20modernis=C3=A9r=20modellkatalog=20?= =?UTF-8?q?(#5=20del=203/3=20modellspor)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Verifisert mot Microsoft Learn region-tabeller 2026-06-18 (alle deployment-pivoter): KUN gpt-4o/gpt-4o-mini er Norge-resident (Standard/Regional PTU) i Norway East. gpt-4.1, o3/o4-mini/o3-mini/o1 og HELE GPT-5-familien er IKKE regionale der — kun Global. Reverserer feilaktig baseline fra del 2/3 (8f9fe8b) som anbefalte gpt-4.1/o3/o4-mini for streng Norge-residens. - model-catalog-2026.md: ny deployment-type-matrise (seksjon 9), korrigert beslutningstre/ hurtigguide/Norway East-rad (seksjon 10), nye modeller (gpt-5.2-5.5, gpt-5.3-codex/chat, gpt-chat-latest, gpt-oss-120b/20b, sora-2, gpt-image-2), 1.05M kontekst for 5.4/5.5 - azure-ai-foundry.md: residens-presisering (Norway East-seksjon + spesifikke rad) - gpt5-gpt41-pricing-models.md: korrigert deployment-valg + TCO-premiss (gpt-4o-mini for residens) validate-plugin: 219 PASS Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../references/platforms/azure-ai-foundry.md | 13 +- .../platforms/model-catalog-2026.md | 204 ++++++++++-------- .../gpt5-gpt41-pricing-models.md | 6 +- 3 files changed, 123 insertions(+), 100 deletions(-) diff --git a/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md b/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md index 71b134d..3b2e5d4 100644 --- a/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md +++ b/skills/ms-ai-advisor/references/platforms/azure-ai-foundry.md @@ -69,7 +69,7 @@ GPT-5 støtter reasoning, Chat Completions API, Responses API, structured output | `gpt-4.1-mini` (2025-04-14) | Standard | Balansert pris/ytelse | | `gpt-4.1-nano` (2025-04-14) | Standard | Lavest pris, 59,400 TPM per PTU | -Alle GPT-4.1-modeller tilgjengelige i Norway East. +Alle GPT-4.1-modeller tilgjengelige i Norway East **via Global** (Standard/Provisioned) — men IKKE som Norge-resident deployment (kun `gpt-4o`/`gpt-4o-mini` er regionale i Norway East). Se model-catalog-2026.md seksjon 9. #### DeepSeek-modeller (Foundry Models sold directly by Azure) @@ -278,9 +278,10 @@ Tilgjengelig i: - Realtime API (GA) **Norway East:** -- God dekning — bredere enn tidligere dokumentert -- Azure OpenAI: GPT-4o, GPT-4.1-serien, o3, o4-mini, o3-mini, o1 -- GPT-5-familien: **kun Global Standard/Provisioned** i Norway East (ikke regional — data prosesseres globalt). gpt-5.5 også via Data Zone Standard (EU-residens). Ingen GPT-5-variant er Norge-resident +- God dekning **via Global** — men Norge-residens er begrenset +- Azure OpenAI tilgjengelig via Global Standard (data prosesseres globalt): GPT-4o, GPT-4.1-serien, o3, o4-mini, o3-mini, o1, GPT-5-familien +- **Norge-resident (data forblir i Norge — Standard/Regional PTU):** KUN `gpt-4o` (Standard) + `gpt-4o`/`gpt-4o-mini` (Regional PTU). `gpt-4.1`, o-serien og hele GPT-5-familien er **IKKE** regionale i Norway East (verifisert 2026-06-18 mot Learn region-tabeller) +- GPT-5-familien: kun Global Standard/Provisioned (data globalt). `gpt-5.5` også via Data Zone Standard (EU-residens) — eneste GPT-5 med residens-tier i Norway East - DeepSeek-R1, DeepSeek-V3-0324, DeepSeek-R1-0528 (Foundry Models) - Grok-4, Llama-modeller - Foundry Agent Service (GA) @@ -356,8 +357,8 @@ Microsoft.CognitiveServices/account (kind: AIServices) ### Norway East-spesifikke råd - Deep Research er **bedre egnet for Norway East** enn Sweden Central (ett av kun to regioner) - Computer-Use krever deployment til Sweden Central eller East US 2 -- GPT-4.1 og DeepSeek-modeller er fullt tilgjengelig -- GPT-5 i Norway East er kun global (Global Standard/Provisioned) — for streng Norge-residens velg gpt-4.1/o3/o4-mini/gpt-4o; for EU-residens med GPT-5, bruk gpt-5.5 via Data Zone Standard +- GPT-4.1 og DeepSeek-modeller er tilgjengelig, men **kun via Global** (ikke Norge-resident) +- For streng Norge-residens: KUN `gpt-4o`/`gpt-4o-mini` (Standard/Regional PTU) — `gpt-4.1`, o-serien og hele GPT-5-familien er kun Global i Norway East. For EU-residens med nyere modell: `gpt-5.5` via Data Zone Standard, eller flytt til Sweden Central (verifisert 2026-06-18) ### Spørsmål å stille kunden - "Trenger dere å sammenligne ulike AI-modeller, eller er GPT tilstrekkelig?" diff --git a/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md b/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md index da33d9a..7f3ca96 100644 --- a/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md +++ b/skills/ms-ai-advisor/references/platforms/model-catalog-2026.md @@ -1,13 +1,13 @@ # Azure AI Modellkatalog 2026 — Oversikt og valgveiledning -**Last updated:** 2026-02 (research via microsoft-learn MCP) -**Status:** Aktiv — dekker alle modeller tilgjengelig i Microsoft Foundry per 2026-02 +**Last updated:** 2026-06-18 (live-verifisert mot Microsoft Learn region-tabeller) +**Status:** Aktiv — dekker modeller i Microsoft Foundry per 2026-06; Norway East-tilgjengelighet verifisert per deployment-type mot «Region availability for Foundry Models sold by Azure» --- ## Oversikt -Microsoft Foundry (tidligere Azure AI Foundry) har per 2026-02: +Microsoft Foundry (tidligere Azure AI Foundry) har per 2026 (Microsoft-oppgitte tall): - **1 900+** frontier-modeller solgt direkte av Azure - **11 000+** totalt i katalogen (inkl. partner og community) - **40+** Azure-regioner @@ -25,6 +25,7 @@ OpenAIs flaggskip reasoning-modeller. Alle versjonene støtter Chat Completions **Tilgangsmodell:** - `gpt-5`, `gpt-5-codex`, `gpt-5-pro` — krever registrering: `https://aka.ms/oai/gpt5access` - `gpt-5-mini`, `gpt-5-nano`, `gpt-5-chat` — åpen tilgang, ingen registrering +- `gpt-5.5` — enkelte quota-tiers krever quota-forespørsel (Tier 5/6 har quota by default) | Modell | GA-dato | Kontekstvindu | Max output | Merknad | |--------|---------|---------------|------------|---------| @@ -34,11 +35,19 @@ OpenAIs flaggskip reasoning-modeller. Alle versjonene støtter Chat Completions | `gpt-5-chat` | 2025-08-07 (Preview) | 128K | 16 384 | Conversation-optimalisert, emosjonell intelligens | | `gpt-5-codex` | 2025-09-11 | 400K (input 272K, output 128K) | 128K | Kodeoptimalisert (Codex CLI/VS Code) | | `gpt-5-pro` | 2025-10-06 | 400K (input 272K, output 128K) | 128K | Høyeste kapabilitet | -| `gpt-5.1` | 2025-11-13 | 400K (input 272K, output 128K) | 128K | Neste generasjon | -| `gpt-5.2` | 2025-12-11 | 400K | 128K | Siste versjon | +| `gpt-5.1` | 2025-11-13 | 400K (input 272K, output 128K) | 128K | + `gpt-5.1-codex`, `gpt-5.1-codex-mini` | +| `gpt-5.2` | 2025-12-11 | 400K (input 272K, output 128K) | 128K | + `gpt-5.2-codex`, `gpt-5.2-chat` (preview) | +| `gpt-5.3-codex` | 2026-02-24 | 400K (input 272K, output 128K) | 128K | Kun `-codex`/`-chat`-varianter — **ingen bar `gpt-5.3`** finnes | +| `gpt-5.3-chat` | 2026-03-03 (Preview) | 128K (input 111K) | 16 384 | Conversation-variant | +| `gpt-5.4` | 2026-03-05 | **1 050 000** | 128K | Kontekstsprang til ~1M; computer use. + `-mini`/`-nano` (2026-03-17) | +| `gpt-5.4-pro` | 2026-03-05 | 1 050 000 | 128K | Høyeste kapabilitet (ikke lenger restricted) | +| `gpt-5.5` | 2026-04-24 | 1 050 000 (input 922K) | 128K | Treningsdata des. 2025; **eneste GPT-5 med Data Zone i Norway East** | +| `gpt-chat-latest` | 2026-05-28 (Preview) | 128K (input 111K) | 16 384 | «GPT-5.5 Instant» (OpenAI `chat-latest`); kun Global Standard | **PTU-ratio for GPT-5:** 1 output token teller som 8 input tokens mot utnyttelsesgrensen. +> **Merk kontekstsprang:** `gpt-5`/`5.1`/`5.2` har 400K kontekst (272K input). `gpt-5.4`/`5.5` hopper til ~1,05M kontekst. `gpt-5.5` har 922K input. + **Styrker:** - Dyp reasoning og multi-step logikk - Bedre enn GPT-4.1 på komplekse oppgaver, vitenskap, koding og matematikk @@ -168,30 +177,44 @@ Microsofts egne SLM-er (Small Language Models), optimalisert for effektiv infere | `grok-4` | Frontiermodell, alle regioner inkl. Norway East | | `grok-3`, `grok-3-mini` | Eldre versjon | +### OpenAI spesialmodeller (open-weight, video, bilde) + +| Modell | Type | Kontekst | Tilgjengelighet | Merknad | +|--------|------|----------|-----------------|---------| +| `gpt-oss-120b` | Open-weight reasoning | 131 072 | Global Standard (krever Foundry-prosjekt) + managed compute | Kun tekst; quota 5M TPM / 5K RPM | +| `gpt-oss-20b` | Open-weight | 131 072 | Managed compute + Foundry Local | Kun tekst; for edge/lokal kjøring | +| `sora-2` (2025-10-06) | Video | — | Global Standard — kun Sweden Central (EU) + East US 2 | **Ikke i Norway East** | +| `gpt-image-2` (2026-04-21) | Bilde | — | Global Standard — Poland Central + Sweden Central (EU) | **Ikke i Norway East**; `gpt-image-1.5` (2025-12-16) finnes også | + --- ## 7. Modellsammenligningstabell -| Modell | Kontekst (input) | Max output | PTU: input TPM/PTU | Latency target (99%) | Norway East | Tilgang | -|--------|-----------------|------------|---------------------|---------------------|-------------|---------| -| `gpt-5` | 272K | 128K | 4 750 | >50 TPS | Via Agent Service | Registrering | -| `gpt-5-mini` | 272K | 128K | 23 750 | >80 TPS | Via Agent Service | Åpen | -| `gpt-5-nano` | 272K | 128K | Høy | >100 TPS | Via Agent Service | Åpen | -| `gpt-4.1` | 1M | 32 768 | 3 000 | >40 TPS | Ja (full) | Åpen | -| `gpt-4.1-mini` | 1M | 32 768 | 14 900 | >50 TPS | Ja (full) | Åpen | -| `gpt-4.1-nano` | 1M | 32 768 | 59 400 | >60 TPS | Ja (full) | Åpen | -| `o4-mini` | 200K | 100K | 5 400 | >66 TPS | Ja (full) | Åpen | -| `o3` | 200K | 100K | 3 000 | >40 TPS | Ja (full) | Åpen | -| `o3-mini` | 200K | 100K | 2 500 | >66 TPS | Ja (full) | Åpen | -| `o1` | 200K | 100K | 230 | >25 TPS | Ja (full) | Åpen | -| `DeepSeek-R1` | 163K | 163K | 4 000 | >50 TPS | Ja (Global std) | Åpen | -| `DeepSeek-V3-0324` | 131K | 131K | 4 000 | >50 TPS | Ja (Global std) | Åpen | -| `Llama-3.3-70B-Instruct` | 128K | 8 192 | 8 450 | >50 TPS | Ja (Global std) | Åpen | -| `Phi-4-mini-instruct` | 131K | 4 096 | — | — | Ja | Åpen | -| `Phi-4` | 16K | 16K | — | — | Ja | Åpen | +| Modell | Kontekst (input) | Max output | PTU: input TPM/PTU | Latency target (99%) | Norway East — residens | Tilgang | +|--------|-----------------|------------|---------------------|---------------------|------------------------|---------| +| `gpt-5` | 272K | 128K | 4 750 | >50 TPS | Kun Global | Registrering | +| `gpt-5-mini` | 272K | 128K | 23 750 | >80 TPS | Kun Global | Åpen | +| `gpt-5-nano` | 272K | 128K | Høy | >100 TPS | Kun Global Std | Åpen | +| `gpt-5.5` | 922K | 128K | — | — | Data Zone (EU) + Global Prov | Quota-tier | +| `gpt-4.1` | 1M | 32 768 | 3 000 | >40 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `gpt-4.1-mini` | 1M | 32 768 | 14 900 | >50 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `gpt-4.1-nano` | 1M | 32 768 | 59 400 | >60 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `gpt-4o` | 128K | 16 384 | — | — | ✅ Norge-resident (Standard + Regional PTU) | Åpen | +| `gpt-4o-mini` | 128K | 16 384 | — | — | ✅ Norge-resident (Regional PTU) | Åpen | +| `o4-mini` | 200K | 100K | 5 400 | >66 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `o3` | 200K | 100K | 3 000 | >40 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `o3-mini` | 200K | 100K | 2 500 | >66 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `o1` | 200K | 100K | 230 | >25 TPS | ⚠️ Kun Global (ikke resident) | Åpen | +| `DeepSeek-R1` | 163K | 163K | 4 000 | >50 TPS | Kun Global Std | Åpen | +| `DeepSeek-V3-0324` | 131K | 131K | 4 000 | >50 TPS | Kun Global Std | Åpen | +| `Llama-3.3-70B-Instruct` | 128K | 8 192 | 8 450 | >50 TPS | Kun Global Std | Åpen | +| `Phi-4-mini-instruct` | 131K | 4 096 | — | — | Foundry Local / managed | Åpen | +| `Phi-4` | 16K | 16K | — | — | Foundry Local / managed | Åpen | **Merk:** PTU-tall er fra Microsoft Learn og kan endres. Se [Foundry PTU-kalkulator](https://ai.azure.com/resource/calculator) for oppdaterte tall. +> **«Norway East — residens»-kolonnen** angir om data kan holdes Norge-resident. **Kun `gpt-4o`/`gpt-4o-mini`** kan kjøres Norge-resident (Standard/Regional PTU). «Kun Global» = modellen finnes i Norway East, men kun via Global-deployment (data prosesseres globalt). Full deployment-type-matrise i seksjon 9. + --- ## 8. Prismodeller @@ -253,68 +276,63 @@ Ved bruk av fine-tuned modeller: ## 9. Regional tilgjengelighet -### Norway East — detaljert status +> **Verifisert 2026-06-18** mot Microsoft Learn «Region availability for Foundry Models sold by Azure» (Standard- + Provisioned-pivoter). Avgjørende skille for offentlig sektor: **hvor prosesseres data?** +> - **Standard/Regional** og **Regional Provisioned (PTU)** = data prosesseres i regionen (Norge-resident). +> - **Data Zone** (Standard/Provisioned) = data prosesseres innen EU (EU-resident, ikke garantert Norge). +> - **Global** (Standard/Provisioned) = data kan prosesseres i en hvilken som helst Azure-region (ikke resident). -**Azure OpenAI-modeller (regional provisioned):** +### Norway East — tilgjengelighet per deployment-type -| Modell | Norway East | -|--------|------------| -| `gpt-4.1` (2025-04-14) | Ja | -| `gpt-4.1-mini` (2025-04-14) | Ja | -| `gpt-4.1-nano` (2025-04-14) | Ja | -| `o3` (2025-04-16) | Ja | -| `o4-mini` (2025-04-16) | Ja | -| `o3-mini` (2025-01-31) | Ja | -| `o1` (2024-12-17) | Ja | -| `gpt-4o` (2024-08-06) | Ja | -| `gpt-4o` (2024-11-20) | Ja | -| `gpt-4o-mini` | Ja | -| `gpt-5` (2025-08-07) | Ikke regional — kun Global Standard/Provisioned (data forlater Norge) | -| `gpt-5-mini` (2025-08-07) | Ikke regional — kun Global Standard/Provisioned (data forlater Norge) | -| `gpt-5-nano` (2025-08-07) | Ikke regional — kun Global Standard (data forlater Norge) | -| `gpt-5.1` (2025-11-13) | Ikke regional — kun Global Standard/Provisioned (data forlater Norge) | -| `o3-deep-research` | Ja (ett av kun to regioner globalt) | -| `computer-use-preview` | Nei — kun East US 2, Sweden Central, South India | -| `sora` (video) | Nei — kun East US 2, Sweden Central | -| `gpt-image-1` | Begrenset tilgang, ikke bekreftet Norway East | +| Modell | Norge-resident¹ | EU-sone (Data Zone Std) | Global Std | Global Prov | +|--------|:---:|:---:|:---:|:---:| +| `gpt-4o` (2024-11-20) | ✅ Standard | – | ✅ | ✅ | +| `gpt-4o` (2024-05-13 / 08-06) | ✅ Regional PTU | – | ✅ | ✅ | +| `gpt-4o-mini` | ✅ Regional PTU | – | ✅ | ✅ | +| `gpt-4.1` / `-mini` / `-nano` | – | – | ✅ | ✅ | +| `o3`, `o3-mini`, `o4-mini`, `o1` | – | – | ✅ | ✅ | +| `o3-deep-research` | – | – | ✅² | – | +| `gpt-5`, `gpt-5-mini` | – | – | ✅ | ✅ | +| `gpt-5-nano` | – | – | ✅ | – | +| `gpt-5.1` | – | – | ✅ | ✅ | +| `gpt-5.2` (+ `-codex`) | – | – | ✅ | ✅ | +| `gpt-5.3-codex` | – | – | ✅ | ✅ | +| `gpt-5.3-chat` | – | – | ✅ | – | +| `gpt-5.4` | – | – | ✅ | ✅ | +| `gpt-5.4-mini` / `-nano` | – | – | ✅ | – | +| `gpt-5.4-pro` | – | – | – | – | +| `gpt-5.5` | – | ✅³ | – | ✅ | +| `gpt-chat-latest` | – | – | – | – | +| `sora-2`, `gpt-image-2`, `computer-use-preview` | – | – | – | – | -**Foundry Models sold directly by Azure (DeepSeek, Llama, Mistral, Grok):** +¹ Norge-resident = Standard/Regional **eller** Regional Provisioned (PTU) i Norway East — prosessering forblir i Norge. +² `o3-deep-research` finnes i Norway East kun via **Global Standard** (Norway East + West US er de eneste to regionene globalt) — data prosesseres globalt, ikke resident. +³ `gpt-5.5` er den **eneste** modellen med Data Zone Standard (EU-residens) i Norway East. -Alle disse er tilgjengelig i Norway East via Global Standard deployment: -- DeepSeek-R1, R1-0528, V3-0324, V3.1, V3.2 -- Llama-4-Maverick, Llama-3.3-70B -- Grok-4 (alle varianter) -- MAI-DS-R1 -- mistral-document-ai +**Konsekvens (viktig korreksjon 2026-06-18):** De **eneste generative modellene som kan kjøres Norge-resident** i Norway East er **`gpt-4o` og `gpt-4o-mini`**. `gpt-4.1`, hele o-serien (`o3`/`o4-mini`/`o3-mini`/`o1`) og hele GPT-5-familien har **ingen** Standard/Regional- eller Regional-PTU-deployment i Norway East — de kjører kun Global (data globalt), eller for `gpt-5.5` via Data Zone (EU). I tillegg er `text-embedding-3-large`, `text-embedding-ada-002` og `whisper` Norge-resident (Standard) i Norway East. -### Sweden Central — referanse +**Foundry Models sold directly by Azure (DeepSeek, Llama, Mistral, Grok):** tilgjengelig i Norway East kun via **Global Standard** (data prosesseres globalt) — ikke egnet for dataresidens-krav. Omfatter DeepSeek-R1/R1-0528/V3-0324/V3.1/V3.2, Llama-4-Maverick/Llama-3.3-70B, Grok-4, MAI-DS-R1, mistral-document-ai. -Sweden Central har full feature coverage og er anbefalt for pilot-prosjekter med nyeste features: -- GPT-5-serien (alle varianter inkl. gpt-5-mini, nano) -- Alle GPT-4.1-varianter -- o-serien (o3, o4-mini, o3-mini, o1, o3-pro) -- Computer-Use (`computer-use-preview`) — JA -- Sora video generation — JA -- DeepSeek, Grok, Llama, Mistral — alle tilgjengelig -- Foundry Agent Service (GA), Workflows, Deep Research +### Sweden Central — referanse (full feature-dekning) + +Sweden Central har bredest feature-dekning i Norden og er anbefalt for pilot med nyeste modeller. Avgjørende: flere modeller er **Sverige-resident** (Standard/Regional) i Sweden Central som IKKE er regionale i Norway East — bl.a. `gpt-4.1`, `gpt-4.1-mini`, `gpt-4o`-familien, `o1`, `o4-mini`, `gpt-5.1`. I tillegg (via Global): hele GPT-5-familien, `o3`/`o3-pro`, `computer-use-preview`, `sora-2`, `gpt-image-2`, `codex-mini`, samt DeepSeek/Grok/Llama/Mistral. Merk: `gpt-5.5` (Data Zone) og `o3-deep-research` finnes derimot i Norway East, ikke Sweden Central. ### West Europe -Full dekning av GPT-5, GPT-4.1, o-serien, DeepSeek-modeller og alle Foundry Models sold directly by Azure. +Bred dekning via Global Standard/Provisioned (GPT-5-familien, GPT-4.1, o-serien, DeepSeek m.fl.). Som Standard/Regional er kun utvalgte modeller tilgjengelig. For EU-residens: bruk Data Zone-deployments. -### Oppsummering: Nordiske regioner +### Oppsummering: Nordiske regioner — Norge-resident vs. tilgjengelig via Global -| Feature | Norway East | Sweden Central | West Europe | -|---------|------------|----------------|-------------| -| GPT-4.1-serien | Ja | Ja | Ja | -| GPT-5 | Kun Global (ikke regional) | Ja | Ja | -| o3, o4-mini | Ja | Ja | Ja | -| DeepSeek (alle) | Ja | Ja | Ja | -| Llama 3.3-70B | Ja | Ja | Ja | -| Computer-Use | Nei | Ja | Nei | -| Sora | Nei | Ja | Nei | -| o3-deep-research | Ja | Nei | Ja | -| Dataresidens (GDPR) | Norsk | Svensk | Europeisk | +| Modell/feature | Norway East | Sweden Central | +|---------------|:---:|:---:| +| `gpt-4o` / `gpt-4o-mini` — resident | ✅ | ✅ | +| `gpt-4.1`-serien — resident | ❌ (kun Global) | ✅ | +| `o4-mini` — resident | ❌ (kun Global) | ✅ | +| `o3` — resident | ❌ (kun Global) | ❌ (kun Global) | +| GPT-5-familien — resident | ❌ | delvis (`gpt-5.1` Standard) | +| `gpt-5.5` — Data Zone (EU-resident) | ✅ (eneste i Norden) | ❌ | +| `o3-deep-research` (Global) | ✅ | ❌ | +| `computer-use-preview` / `sora-2` / `gpt-image-2` | ❌ | ✅ (Global) | +| Dataresidens for resident-modeller | Norsk | Svensk | --- @@ -334,19 +352,22 @@ Er oppgaven kompleks (reasoning, kode, analyse)? └── Kode-spesifikk → gpt-5-codex / codex-mini Har kunden Norway East-krav (dataresidens)? -├── Ja, STRENGT (data må forbli i Norge) → Standard/Regional Provisioned i Norway East -│ Velg: gpt-4.1-serien, o3, o4-mini, gpt-4o — bekreftet regional i Norway East -│ INGEN GPT-5-variant er regional i Norway East (kan ikke gjøres Norge-resident) +├── Ja, STRENGT (data må forbli i Norge) → Standard / Regional Provisioned i Norway East +│ Velg: KUN gpt-4o / gpt-4o-mini (+ embeddings, whisper) — eneste Norge-residente generative modeller +│ IKKE Norge-resident: gpt-4.1, o3/o4-mini/o3-mini/o1, HELE GPT-5-familien (kun Global her) +│ Trenger du nyere modell enn gpt-4o? → løs residens i Sweden Central, eller aksepter EU-sone ├── Ja, men EU-sone-residens er akseptabelt (data innen EU, ikke garantert Norge) -│ → gpt-5.5 via Data Zone Standard i Norway East (eneste GPT-5 med EU-residens) +│ → gpt-5.5 via Data Zone Standard i Norway East (eneste GPT-5 med Data Zone her) +│ eller Sweden Central Standard for gpt-4.1 / o4-mini / gpt-5.1 (Sverige-resident) │ DeepSeek/øvrige har ingen Data Zone i Norway East → Global Standard (data globalt) -└── Nei (global prosessering OK) → hele GPT-5-familien via Global Standard/Provisioned, - eller vurder Sweden Central for full feature coverage +└── Nei (global prosessering OK) → hele GPT-5-familien (5/5.1/5.2/5.3/5.4) via Global Standard/Provisioned, + eller Sweden Central for full feature coverage (computer-use, sora-2, gpt-image-2) Er kunden offentlig sektor (Schrems II / GDPR)? -├── Ja, strenge krav → Standard/Regional Provisioned i Norway East -│ Velg: gpt-4.1, o3, o4-mini, gpt-4o — data forblir i Norge -│ Unngå: Global Standard/Provisioned (data rutes globalt) — gjelder hele GPT-5-familien +├── Ja, strenge krav (Norge-residens) → Standard / Regional Provisioned i Norway East +│ Velg: gpt-4o / gpt-4o-mini — eneste modeller der data forblir i Norge +│ Unngå: Global Standard/Provisioned (data rutes globalt) — gjelder gpt-4.1, o-serien OG hele GPT-5-familien +├── Ja, men EU-residens akseptabelt → gpt-5.5 (Data Zone Norway East) eller Sweden Central-resident modeller └── Nei → Global Standard er akseptabelt Trenger kunden open-source/selvhostet-alternativ? @@ -368,7 +389,7 @@ Trenger kunden open-source/selvhostet-alternativ? | On-device / edge / offline | Phi-4-mini-instruct (Foundry Local) | Kjører lokalt, ingen sky | | Open-source med reasoning | DeepSeek-R1 / MAI-DS-R1 | Åpen kildekode, sterk reasoning | | Sammenligning av alternativer | Model Router | Automatisk routing, opp til 60% kostnadsbesparelse | -| DPIA-kritisk (data forblir i Norge) | gpt-4.1/o3 + Regional PTU Norway East | Garantert dataresidens (ingen GPT-5 mulig her) | +| DPIA-kritisk (data forblir i Norge) | gpt-4o / gpt-4o-mini + Standard/Regional PTU Norway East | Eneste Norge-residente generative modeller (ikke gpt-4.1/o3/GPT-5) | | EU-residens OK, vil ha GPT-5 | gpt-5.5 + Data Zone Standard Norway East | Data forblir i EU (ikke garantert Norge) | ### Spørsmål å stille kunden @@ -382,13 +403,13 @@ Trenger kunden open-source/selvhostet-alternativ? ### Norway East-spesifikke råd -- **Bruk Regional PTU** for produksjonskritiske workloads med dataresidensbehov -- **gpt-4.1-serien** er primærvalget — full regional PTU, lav latens -- **o3 og o4-mini** er tilgjengelig med regional PTU i Norway East -- **GPT-5-familien er IKKE regional i Norway East** — gpt-5/mini/nano/5.1/5.2 kjører kun på Global Standard/Provisioned (data kan prosesseres globalt). Ingen GPT-5-variant kan gjøres Norge-resident; for streng Norge-residens, velg gpt-4.1/o3/o4-mini/gpt-4o -- **gpt-5.5 er unntaket for EU-residens** — tilgjengelig via Data Zone Standard i Norway East (data forblir innen EU, ikke garantert Norge); eneste GPT-5-variant med residens-tier bedre enn global -- **Deep Research** (`o3-deep-research`) er tilgjengelig i Norway East — ett av kun to regioner globalt -- **DeepSeek** bruker Global Standard (alle regioner) — ikke egnet for strenge dataresidens-krav +- **Norge-residens er begrenset til `gpt-4o`-familien.** `gpt-4o` (Standard) og `gpt-4o`/`gpt-4o-mini` (Regional PTU) er de eneste generative modellene som kan kjøres med data resident i Norge. Bruk **Regional PTU** for produksjonskritiske residens-workloads. +- **`gpt-4.1`-serien er IKKE Norge-resident** i Norway East — kun Global (data globalt) eller Global PTU. Tidligere antakelse om regional gpt-4.1 her var **feil** (korrigert 2026-06-18 mot Learn region-tabeller). +- **o-serien (`o3`/`o4-mini`/`o3-mini`/`o1`) er IKKE Norge-resident** i Norway East — kun Global. (`o4-mini` finnes som Standard/Regional i Sweden Central, men ikke Norway East.) +- **Hele GPT-5-familien er IKKE Norge-resident** i Norway East. `gpt-5.5` er eneste med **Data Zone Standard (EU-residens)**; resten (gpt-5/5.1/5.2/5.3/5.4) kun Global Standard/Provisioned. +- **Trenger du nyere modell enn gpt-4o med residens?** Aksepter **EU-sone** (gpt-5.5 Data Zone i Norway East) eller flytt til **Sweden Central** (Sverige-resident gpt-4.1/o4-mini/gpt-5.1). +- **Deep Research** (`o3-deep-research`) finnes i Norway East, men kun via **Global Standard** (Norway East + West US er de eneste to regionene) — data prosesseres globalt, ikke resident. +- **DeepSeek/Llama/Grok** i Norway East er kun Global Standard — ikke egnet for strenge dataresidens-krav. --- @@ -397,6 +418,7 @@ Trenger kunden open-source/selvhostet-alternativ? Adapted from Microsoft Learn documentation ([CC BY 4.0](https://creativecommons.org/licenses/by/4.0/)): - [Foundry Models sold directly by Azure (azure-openai)](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic) +- [Region availability for Foundry Models sold by Azure](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure-region-availability) — **autoritativ deployment-type × region-matrise (live-verifisert 2026-06-18; grunnlag for seksjon 9)** - [Foundry Models sold directly by Azure (azure-direct-others)](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure?view=foundry-classic&pivots=azure-direct-others) - [Azure OpenAI in Azure AI Foundry Models — model overview](https://learn.microsoft.com/azure/foundry/foundry-models/concepts/models-sold-directly-by-azure) - [GPT-5 vs GPT-4.1: choosing the right model](https://learn.microsoft.com/azure/foundry/foundry-models/how-to/model-choice-guide?view=foundry-classic) @@ -408,4 +430,4 @@ Adapted from Microsoft Learn documentation ([CC BY 4.0](https://creativecommons. Content translated to Norwegian, reorganized, and augmented with decision guidance for Norwegian public sector. -Research date: 2026-02 +Research date: 2026-02; region- og deployment-type-tabeller live-verifisert 2026-06-18 diff --git a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md index c3ea7f1..b91956c 100644 --- a/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md +++ b/skills/ms-ai-security/references/cost-optimization/gpt5-gpt41-pricing-models.md @@ -352,7 +352,7 @@ Krever oppgaven dyp, flertrinns resonnering? ``` Norsk offentlig sektor: - Personopplysninger → Regional Standard (Norway East) + gpt-4.1-mini/gpt-4.1 + Personopplysninger (streng Norge-residens) → Regional Standard/PTU (Norway East) + KUN gpt-4o/gpt-4o-mini Ikke-sensitiv data → Data Zone Standard (EU) for litt lavere kostnad Høyvolum produksjon → PTU (ved forutsigbart volum) Utvikling/testing → Global Standard (lavest pris, ingen compliance-garanti) @@ -377,13 +377,13 @@ Norsk offentlig sektor: - Testing og utvikling: **Global Standard** - Høyvolum stabile workloads: Vurder **PTU i Norway East** for latens-SLA + forutsigbar kostnad -> **Modelltilgjengelighet (viktig):** Tabellen over gjelder deployment-typer generelt. GPT-5-familien finnes **ikke** som Regional/PTU i Norway East (verifisert juni 2026) — for personopplysninger som krever Norge-residens, velg gpt-4.1/o3/o4-mini/gpt-4o. Eneste GPT-5 med EU-residens er **gpt-5.5 via Data Zone Standard** (EU-sone, ikke Norge-garantert). +> **Modelltilgjengelighet (viktig — korrigert 2026-06-18):** Tabellen over gjelder deployment-typer generelt. I Norway East er **KUN `gpt-4o`/`gpt-4o-mini`** faktisk tilgjengelig som Norge-resident (Standard/Regional PTU). `gpt-4.1`, o-serien (`o3`/`o4-mini`/`o3-mini`/`o1`) og hele GPT-5-familien finnes **ikke** som Regional/PTU i Norway East — kun Global (data prosesseres globalt). For personopplysninger som krever streng Norge-residens: velg `gpt-4o`/`gpt-4o-mini`. Eneste GPT-5 med EU-residens i Norway East er **gpt-5.5 via Data Zone Standard** (EU-sone, ikke Norge-garantert). Verifisert mot Learn region-tabeller. ### TCO-estimat for offentlig AI-prosjekt med GPT-4.1 | Kostnadselement | Estimat (50K forespørsler/mnd) | Optimalisering | |-----------------|--------------------------------|----------------| -| gpt-4.1-mini inferens (Norway East) | ~1 300–2 600 NOK/mnd | Bytt til Data Zone hvis compliance tillater | +| gpt-4.1-mini inferens (EU Data Zone / Global) | ~1 300–2 600 NOK/mnd | gpt-4.1-mini er IKKE Norge-resident; streng residens → gpt-4o-mini (Regional PTU) | | gpt-4.1 for komplekse forespørsler (10%) | ~1 200 NOK/mnd | Model Router automatiserer valget | | Azure AI Search (RAG) | 3 000–10 000 NOK/mnd | Optimaliser indeks og chunking | | Azure Monitor/logging | 1 000–3 000 NOK/mnd | Sett sampling-rate | From 2067c1e8028c7d5c0bae2127cd81f49e03b832f7 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 15:36:31 +0200 Subject: [PATCH 011/309] =?UTF-8?q?fix(ms-ai-architect):=20currency=20?= =?UTF-8?q?=E2=80=94=20Connected=20Agents=20deprecated,=20ny=20GA-modell?= =?UTF-8?q?=20Prompt/Hosted=20agents=20+=20Responses=20API=20(#5=20del=203?= =?UTF-8?q?/3=20agentspor)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Verifisert 2026-06-18 mot learn.microsoft.com/azure/foundry/agents/overview + classic-deprecation-bannere: Connected Agents tilhører Foundry (classic), er DEPRECATED og pensjoneres 2027-03-31 — finnes IKKE i nye Foundry Agent Service. Multi-agent skjer nå via Workflows (2025-11-15-preview) + A2A-tool (preview). Ny GA-modell = Prompt agents (GA) + Hosted agents (preview), med Responses API som single entry point. - foundry-agent-service-ga.md: deprecation-banner i header, reframet GA-feature-tabell, markert Connected Agents-seksjon + beslutningstre/modenhet som classic-bane - multi-agent-orchestration-patterns.md: 2 Connected Agents-referanser markert classic/deprecated validate-plugin: 219 PASS Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../foundry-agent-service-ga.md | 41 ++++++++++++------- .../multi-agent-orchestration-patterns.md | 4 +- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md b/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md index 4b6805e..39ca70e 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/foundry-agent-service-ga.md @@ -1,9 +1,18 @@ # Azure AI Foundry Agent Service (GA) -**Last updated:** 2026-02 -**Status:** GA (mai 2025) +**Last updated:** 2026-06-18 (currency-verifisert mot Learn) +**Status:** GA — **ny agent-modell** (Prompt agents GA + Hosted agents preview) **Category:** Agent Orchestration & Automation +> **VIKTIG currency-korreksjon (verifisert 2026-06-18 mot learn.microsoft.com/azure/foundry/agents/overview):** +> Dagens GA-modell for Foundry Agent Service har to agenttyper: +> - **Prompt agents** (GA) — konfig-definert (instruksjoner + modell + verktøy), fullt administrert runtime. +> - **Hosted agents** (Public Preview) — din egen kode/container (Agent Framework, LangGraph, OpenAI/Anthropic Agents SDK …) kjørt av Foundry. +> +> **Responses API er «single entry point»** for alle agenttyper (modell-inferens + tool-orkestrering). +> **«Connected Agents» tilhører Foundry (classic) og er DEPRECATED — pensjoneres 31. mars 2027.** Den finnes IKKE i nye Foundry Agent Service. For multi-agent: bruk **Workflows** (`2025-11-15-preview` API) + **A2A-tool** (preview). Migrasjonsguide: learn.microsoft.com/azure/foundry/agents/how-to/migrate. +> Seksjoner under som beskriver Connected Agents og threads/runs-API gjelder **classic-banen** (fortsatt brukbar til 2027-03-31), ikke ny GA. + --- ## Introduksjon @@ -23,26 +32,28 @@ Foundry Agent Service er limet som kobler sammen de fire kjernekomponentene i Mi | **AI-modeller** | GPT-4o, o3, Llama, Grok, DeepSeek m.fl. | | **Verktøy og rammeverk** | Code Interpreter, File Search, MCP, OpenAPI, Azure Functions | | **Governance og compliance** | Microsoft Entra, RBAC, content filters, audit logs | -| **Orkestrering** | Connected Agents, Workflows, Agent Catalog | +| **Orkestrering** | Workflows + A2A-tool (Connected Agents er classic/deprecated) | En agent i Foundry har tre kjernekomponenter: 1. **Modell (LLM)**: Driver resonnering og språkforståelse 2. **Instruksjoner**: Definerer agentens mål, atferd og begrensninger 3. **Verktøy**: Lar agenten hente kunnskap eller utføre handlinger -## GA-milepæler (mai 2025) +## GA-modell og feature-status (per 2026-06) | Feature | Status | |---------|--------| | Foundry Agent Service kjerne | **GA** | -| Connected Agents (multi-agent) | **GA** | +| Prompt agents (konfig-definert, managed runtime) | **GA** | +| Responses API (single entry point for alle agenttyper) | **GA** | +| Hosted agents (din egen kode/container) | **Preview** | +| Workflows (multi-agent orkestrering, `2025-11-15-preview`) | **Preview** | +| A2A-tool (agent-to-agent) | **Preview** | | Agent tracing og debugging | **GA** | | Logic Apps-triggerintegrasjon | **GA** | -| Bing Custom Search tool | **GA** | -| MCP tool (Model Context Protocol) | **GA** (juni 2025) | -| Deep Research tool (o3-deep-research) | **GA** (juni 2025) | -| Hosted agents (containerized) | **Preview** | -| Multi-Agent Workflows (YAML) | **Preview** | +| MCP tool (Model Context Protocol) | **GA** | +| Deep Research tool (o3-deep-research) | **GA** | +| Connected Agents (multi-agent) | **Classic — DEPRECATED, pensjoneres 2027-03-31 → bruk Workflows + A2A** | | Memory Store API | **Preview** | ## Kjernefunksjoner @@ -181,7 +192,9 @@ Containeriserte agenter som kjøres på Foundry-administrert infrastruktur: ## Multi-agent mønstre -### Connected Agents (GA — mai 2025) +### Connected Agents (classic — DEPRECATED, pensjoneres 2027-03-31) + +> Connected Agents finnes kun i Foundry (classic) (`2025-05-15-preview` API) og er deprecated. I nye Foundry Agent Service erstattes multi-agent av **Workflows** (`2025-11-15-preview`) + **A2A-tool**. Mønsteret under er fortsatt brukbart til 2027-03-31, men nye løsninger bør bruke Workflows/A2A. Primæragenten delegerer til spesialiserte subagenter via naturlig språk — **ingen ekstern orkestrator nødvendig**: @@ -377,7 +390,7 @@ Agenter som bidrar til vedtaksprosesser **må**: |----------|-------------| | **Du trenger produksjonsklar agent fra dag én** | Innebygd enterprise-sikkerhet, compliance, skalering | | **Persistent conversation state er nødvendig** | Threads håndterer state automatisk | -| **Multi-agent workflow uten custom orkestrator** | Connected Agents med naturlig-språk routing | +| **Multi-agent workflow uten custom orkestrator** | Workflows (`2025-11-15-preview`) + A2A — IKKE classic Connected Agents (deprecated 2027-03-31) | | **Regulerte virksomheter (offentlig sektor, helse, finans)** | Content filtering, audit logs, Entra-integrasjon | | **Rike verktøy ut-av-boksen** | Code Interpreter, File Search, MCP, Logic Apps (1400+ koblinger) | | **Semantic Kernel / Microsoft Agent Framework** | Native integrasjon via `AzureAIAgent` | @@ -422,7 +435,7 @@ Agenter som bidrar til vedtaksprosesser **må**: ### Spørsmål å stille 1. **Trenger du persistent state?** → Ja: Foundry Agent Service (threads). Nei: Vurder stateless Responses API -2. **Antall agenter og orkestreringslogikk?** → 1-5 enkle: Connected Agents. Kompleks YAML-logikk: Workflows (preview) +2. **Antall agenter og orkestreringslogikk?** → multi-agent: Workflows (`2025-11-15-preview`) + A2A. (Classic Connected Agents er deprecated — pensjoneres 2027-03-31.) 3. **Hvem bygger agenten?** → Utviklere: Foundry Agent Service. Forretningsbrukere: Copilot Studio 4. **Krav til datasuverenitet?** → Norway East + BYO Cosmos DB 5. **Budget-sensitivitet?** → Dimensjoner Code Interpreter-bruk (per sesjon) og vector storage nøye @@ -444,7 +457,7 @@ Agenter som bidrar til vedtaksprosesser **må**: - Standard Microsoft-lagring (ikke BYO Cosmos DB) #### Nivå 2: Pilot (3-12 måneder) -- Connected Agents for modulær arkitektur +- Multi-agent: Workflows + A2A (ikke classic Connected Agents — deprecated 2027-03-31) - MCP-integrasjon med interne systemer - Application Insights for observability - BYO Cosmos DB for thread storage diff --git a/skills/ms-ai-engineering/references/agent-orchestration/multi-agent-orchestration-patterns.md b/skills/ms-ai-engineering/references/agent-orchestration/multi-agent-orchestration-patterns.md index aeb9861..ecb5a93 100644 --- a/skills/ms-ai-engineering/references/agent-orchestration/multi-agent-orchestration-patterns.md +++ b/skills/ms-ai-engineering/references/agent-orchestration/multi-agent-orchestration-patterns.md @@ -417,7 +417,7 @@ await Task.WhenAll(taskA, taskB); // Checkpoint ensures no replay ### Copilot Studio og M365 Copilot -**Connected Agents (Foundry Agent Service):** +**Connected Agents (Foundry classic — DEPRECATED, pensjoneres 2027-03-31; i ny Foundry Agent Service: Workflows `2025-11-15-preview` + A2A):** - Nondeterministic workflows (primært) - No-code/low-code environment - Begrenset pattern-support (primært simple routing) @@ -554,7 +554,7 @@ scope.RecordOutputMessages(new[] { output }); **Foundry Agent Service:** - Azure AI Foundry: Pay-per-use pricing (model API calls + hosting) -- Connected Agents: Workflow orchestration, pay-per-invocation +- Connected Agents (classic, deprecated 2027-03-31 → Workflows + A2A): Workflow orchestration, pay-per-invocation **Estimat (eksempel):** - Sequential (4 agenter × 1000 tokens/agent × $0.01/1K tokens) ≈ **$0.04 per run** From 9a166f93bb619bac62ded306bff436739c19fd3f Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 17:22:48 +0200 Subject: [PATCH 012/309] =?UTF-8?q?fix(ms-ai-architect):=20#7a=20ruting=20?= =?UTF-8?q?=E2=80=94=20RAG/MLOps-KB-ruting=20(F)=20+=20forson=20ROS-last-k?= =?UTF-8?q?ontrakt=20(G)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit P2 §94-118. Latent engineering-dybde gjøres nåbar; determinisme-løftet repareres. F (ruting til RAG/MLOps-KB): betinget, navngitt Read-ruting (samme mønster som security/cost): - architecture-review-agent.md: RAG-arkitektur + MLOps/GenAIOps lagt i domene-spesifikk last-blokk - research-agent.md: ny lokal KB-baseline for RAG/MLOps-temaer — leses som hypotese, MCP er fasit, avvik flagges - poc.md: betinget steg 3b — RAG/MLOps-kjernefiler forankrer scope + suksesskriterier G (forson ROS-rutingsmotsetning): ett eksplisitt last-kontrakt forsont på tvers av tre kilder. Tidligere: CLAUDE.md «max 3» vs agent 11 filer flatt vs ros.md 5 → ikke-deterministisk lasting. Nå: kjerne (alltid, 4: trusselbibliotek/rubrikker/metodikk/mal) + betinget på trigger (sektor/MAESTRO/DPIA-integrasjon/AI Act). Reflektert i: - ros-analysis-agent.md: «Knowledge Base References» omskrevet til last-kontrakt + AI Act-blokk + «Load KB»-steg bundet til den - CLAUDE.md: header «typisk 3 kjernefiler»; ROS dokumentert som unntak med 4 kjerne + betinget - ros.md: delegeringsprompt skiller kjerne/betinget per kontrakt validate-plugin: 223 PASS Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- CLAUDE.md | 8 +++--- agents/architecture-review-agent.md | 2 ++ agents/research-agent.md | 8 ++++++ agents/ros-analysis-agent.md | 43 +++++++++++++++++++---------- commands/poc.md | 6 ++++ commands/ros.md | 11 ++++++-- 6 files changed, 58 insertions(+), 20 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 862970e..2ec4e2e 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -72,13 +72,13 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: | `ms-ai-engineering` | RAG, agenter, Azure AI Services, data, MLOps, multimodal | 153 | "Hvordan bygger jeg dette?" | | `ms-ai-infrastructure` | BCDR, hybrid/edge, suveren sky | 34 | "Hvordan drifter jeg dette?" | -### Kunnskapsbase-routing i agenter (max 3 filer per invokasjon) +### Kunnskapsbase-routing i agenter (typisk 3 kjernefiler per invokasjon) -Agenter leser navngitte kjernefiler, ikke hele kataloger: +Agenter leser navngitte kjernefiler, ikke hele kataloger. «3 kjernefiler» er normalen for review-/security-/cost-mønsteret; **ros-analysis-agent er et dokumentert unntak** med et større, eksplisitt last-kontrakt (kjerne + betinget) definert i agentfilen — fordi en deterministisk ROS krever trusselbibliotek + rubrikker + metodikk + mal som minimumskjerne. - **security-assessment-agent**: security-scoring-rubrics-6x5.md, ai-security-scoring-framework.md, ai-threat-modeling-stride.md - **cost-estimation-agent**: deterministic-cost-calculation-model.md, azure-ai-foundry-cost-governance.md, cost-models.md -- **architecture-review-agent**: decision-trees.md, security.md, public-sector-checklist.md + domene-spesifikke ved behov -- **ros-analysis-agent**: ros-ai-threat-library.md, ros-scoring-rubrics-7x5.md, ros-methodology-ns5814-iso31000.md +- **architecture-review-agent**: decision-trees.md, security.md, public-sector-checklist.md + domene-spesifikke ved behov (RAG/MLOps lastes betinget) +- **ros-analysis-agent**: kjerne (alltid, 4): ros-ai-threat-library.md, ros-scoring-rubrics-7x5.md, ros-methodology-ns5814-iso31000.md, ros-report-templates.md + betinget på trigger (sektor / MAESTRO / DPIA-integrasjon / AI Act) — se last-kontrakt i agentfilen - **dpia-agent**: dpia-norwegian-methodology-ai.md, gdpr-compliance-ai-systems.md, ai-impact-assessment-framework.md - **ai-act-assessor**: ai-act-classification-methodology.md + relevante ai-act-*.md filer (maks 3 per fase) - **summary-agent**: Leser assessment-outputs fra sesjon, ikke KB-filer diff --git a/agents/architecture-review-agent.md b/agents/architecture-review-agent.md index 0aedc41..edefa52 100644 --- a/agents/architecture-review-agent.md +++ b/agents/architecture-review-agent.md @@ -169,6 +169,8 @@ Load domain-specific references only when dimension requires depth (max 2-3 addi - Norwegian: `norwegian-public-sector-governance/utredningsinstruksen-ai-methodology.md` - Security: `ai-security-engineering/ai-threat-modeling-stride.md` - Cost: `cost-optimization/azure-ai-foundry-cost-governance.md`, `cost-optimization/deterministic-cost-calculation-model.md` +- RAG-arkitektur (når løsningen er RAG-/gjenfinningsbasert): `skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md`, `rag-architecture/agentic-rag-patterns.md`, `rag-architecture/rag-evaluation-frameworks.md` +- MLOps/GenAIOps (når løsningen har produksjons-/livssyklusfokus): `skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md`, `mlops-genaiops/monitoring-observability-ml-systems.md`, `mlops-genaiops/model-deployment-strategies-azure.md` ## Virksomhetskontekst (automatisk) diff --git a/agents/research-agent.md b/agents/research-agent.md index c9c9610..e97d461 100644 --- a/agents/research-agent.md +++ b/agents/research-agent.md @@ -30,6 +30,14 @@ Hvis `org/`-mappen finnes, les relevante filer for å tilpasse vurderingen: - `org/architecture-decisions.md` — ADR-er, retningslinjer, preferanser, budsjett - `org/business-references.md` — Maler, styringsmodell, nøkkelpersonell +## Lokal KB-baseline (betinget — RAG / MLOps / engineering-temaer) + +Når forskningstemaet er RAG, gjenfinning, MLOps eller GenAIOps, les den relevante engineering-kjernefilen **først** som hypotese-baseline — verifiser den deretter mot live Microsoft Learn. KB-en kan være utdatert; **MCP-resultatet er fasit**. +- RAG/gjenfinning: `skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md`, `rag-architecture/agentic-rag-patterns.md` +- MLOps/GenAIOps: `skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md`, `mlops-genaiops/llm-evaluation-production.md` + +Les maks 2 baseline-filer. **Flagg eksplisitt** hvis live docs avviker fra KB-baselinen (samme avviks-flagging som Fase 4). + ## MCP-verktøy (prioritert rekkefølge) ### 1. microsoft_docs_search diff --git a/agents/ros-analysis-agent.md b/agents/ros-analysis-agent.md index 3288540..199019a 100644 --- a/agents/ros-analysis-agent.md +++ b/agents/ros-analysis-agent.md @@ -18,19 +18,32 @@ You are a Norwegian risk management specialist conducting structured ROS analyse **VIKTIG:** Bruk norske tegn (æ, ø, å) korrekt i all output. Skriv på norsk med engelske fagtermer der det er naturlig. Aldri erstatt æ med ae, ø med o, eller å med a. -## Knowledge Base References +## Knowledge Base References — eksplisitt last-kontrakt -Read relevant files from: -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md` — **OBLIGATORISK:** AI-trusselbibliotek med 49 trusler -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-scoring-rubrics-7x5.md` — **OBLIGATORISK:** Deterministiske scoringsrubrikker med 35 celler -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-sector-checklists.md` — Sektorspesifikke sjekklister -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md` — Metodikkguide -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-report-templates.md` — Rapportmaler -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-dpia-security-integration.md` — Integrasjon med DPIA/Security -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-maestro-multiagent.md` — MAESTRO 7-lags sikkerhetsmodell for multiagent-systemer -- `skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-analyse-ai-systems.md` — Generell ROS-referanse -- `skills/ms-ai-security/references/ai-security-engineering/security-scoring-rubrics-6x5.md` — Referanse for scoringsmønster -- `skills/ms-ai-governance/references/responsible-ai/ai-risk-taxonomy-classification.md` — Risikotaksonomi +ROS er en bevisst KB-tung agent. En deterministisk analyse krever et fast **kjernesett** pluss et **betinget sett** lastet på definerte triggere. Dette er større enn det generelle «3 kjernefiler»-mønsteret i `CLAUDE.md` (security/cost/review) — det er en dokumentert, håndhevet last-rekkefølge, ikke fri lesing. **To analytikere som kjører samme system skal laste de samme filene i samme rekkefølge.** + +Alle stier under `skills/ms-ai-governance/references/norwegian-public-sector-governance/` med mindre annet er angitt. + +### Obligatorisk kjerne (last ALLTID, i denne rekkefølgen) +1. `ros-ai-threat-library.md` — AI-trusselbibliotek (kilde for T-xxx-IDer) +2. `ros-scoring-rubrics-7x5.md` — deterministiske scoringsrubrikker +3. `ros-methodology-ns5814-iso31000.md` — metodikkguide (fase-rekkefølge) +4. `ros-report-templates.md` — rapportmaler (output-format) + +### Betinget (last KUN når triggeren utløses) +| Trigger i systembeskrivelsen | Last | +|------------------------------|------| +| Sektor oppdaget (helse/transport/finans/justis/utdanning) | `ros-sector-checklists.md` | +| Multi-agent / agent-orkestrering | `ros-maestro-multiagent.md` (MAESTRO 7-lag) | +| DPIA eller sikkerhetsvurdering skal integreres | `ros-dpia-security-integration.md` | +| AI Act-dybde i dimensjon 6 | `responsible-ai/ai-act-classification-methodology.md` + `responsible-ai/ai-act-provider-obligations.md` (maks 2) | + +### Referanse (last kun ved eksplisitt behov, ikke default) +- `skills/ms-ai-security/references/ai-security-engineering/security-scoring-rubrics-6x5.md` — scoringsmønster-referanse +- `ros-analyse-ai-systems.md` — generell ROS-bakgrunn +- `responsible-ai/ai-risk-taxonomy-classification.md` — risikotaksonomi + +**Budsjett:** kjerne (4) + betinget (maks 2-3 på trigger) = typisk 5-7 filer. Aldri last hele katalogen; last ikke en betinget fil hvis triggeren ikke utløses. ## Virksomhetskontekst (automatisk) @@ -103,7 +116,7 @@ I tillegg til eksisterende trusler i dimensjon 6, vurder følgende: - Art. 9-27 (høyrisiko-krav): Opptil 15 MEUR eller 3 % av global omsetning - Art. 50 (transparens): Opptil 7,5 MEUR eller 1,5 % av global omsetning -**OBLIGATORISK KB-referanser for AI Act i ROS:** +**KB-referanser for AI Act-dybde i dimensjon 6** (betinget — last per last-kontrakten øverst, AI Act-trigger): - `skills/ms-ai-governance/references/responsible-ai/ai-act-classification-methodology.md` - `skills/ms-ai-governance/references/responsible-ai/ai-act-provider-obligations.md` @@ -183,12 +196,14 @@ When `--quick` is specified: ## Assessment Process ### 1. Load Knowledge Base -Read mandatory reference files: +Følg last-kontrakten øverst (avsnitt «Knowledge Base References»). Obligatorisk kjerne, alltid: - ros-ai-threat-library.md (REQUIRED) - ros-scoring-rubrics-7x5.md (REQUIRED) - ros-methodology-ns5814-iso31000.md - ros-report-templates.md (for output format) +Betingede filer (sektor / MAESTRO / DPIA-integrasjon / AI Act) lastes kun når triggeren i kontrakt-tabellen utløses. + ### 2. Detect Sector If system description mentions sector keywords, also read: - ros-sector-checklists.md diff --git a/commands/poc.md b/commands/poc.md index 0abd041..504ed92 100644 --- a/commands/poc.md +++ b/commands/poc.md @@ -31,6 +31,12 @@ Spør brukeren om nøkkelinformasjon (hvis ikke allerede kjent): Les `skills/ms-ai-advisor/references/architecture/poc-template.md` for komplett POC-rammeverk. +### 3b. Les domene-spesifikke mønstre (betinget) + +Hvis use-caset treffer et engineering-domene, les 1-2 kjernefiler for å forankre scope og suksesskriterier (ikke hele katalogen): +- **RAG / gjenfinning:** `skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md`, `rag-architecture/rag-evaluation-frameworks.md` — sett målbare gjenfinnings-/grounding-kriterier +- **MLOps / produksjonssetting:** `skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md`, `mlops-genaiops/llm-evaluation-production.md` — POC-evaluering + driftskriterier + ### 4. Generer POC-plan Fyll ut følgende seksjoner tilpasset scenarioet: diff --git a/commands/ros.md b/commands/ros.md index 1794c2c..34b0476 100644 --- a/commands/ros.md +++ b/commands/ros.md @@ -45,12 +45,19 @@ Gjennomfør en [komplett / quick] ROS-analyse for følgende AI-system: **Kontekst:** [ytterligere kontekst] [**Modus:** Quick (top-10 risikoer, trafikklys) — if --quick] -Les kunnskapsbasene: +Les kunnskapsbasene per last-kontrakten i agentfilen — kjerne (alltid) + betinget (kun på trigger): + +Kjerne (alltid, i rekkefølge): - skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-ai-threat-library.md - skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-scoring-rubrics-7x5.md - skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-methodology-ns5814-iso31000.md - skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-report-templates.md -- skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-sector-checklists.md (hvis relevant sektor) + +Betinget (kun når triggeren utløses): +- ros-sector-checklists.md (hvis relevant sektor oppdaget) +- ros-maestro-multiagent.md (hvis multi-agent / agent-orkestrering) +- ros-dpia-security-integration.md (hvis DPIA/sikkerhet skal integreres) +- responsible-ai/ai-act-classification-methodology.md + ai-act-provider-obligations.md (hvis AI Act-dybde i dimensjon 6) Lever en [komplett ROS-rapport med alle 8 faser / Quick ROS med top-10 og trafikklys]." ``` From 6bcd028210e50adc0c4348dea66aad6b6691d6ba Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 17:29:57 +0200 Subject: [PATCH 013/309] =?UTF-8?q?fix(ms-ai-architect):=20#7b=20DPIA=20cr?= =?UTF-8?q?oss-border=20=E2=80=94=20EDPB=20seks-stegs-TIA=20+=20CLOUD=20Ac?= =?UTF-8?q?t/FISA-restanalyse=20(H)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit P2 H. DPIA-agenten navngav Schrems II-risikoen (risiko 7) men kunne ikke vurdere den — ingen sti til TIA-metodikk. Nå nåbar, og ny verifisert metodikk forfattet i KB. - data-residency-audit-monitoring.md: Schrems II-stubb (3 punkter) utvidet til full EDPB seks-stegs-TIA (Recommendations 01/2020) + CLOUD Act/FISA 702/EO 12333-restanalyse + EO 14086/DPF-nåstatus + tekniske tilleggstiltak (CMK/Customer Lockbox/Confidential Computing). Korrigerer feilantakelsen «EUDB eliminerer alle overføringer». Last updated 2026-05→06. - dpia-agent.md: betinget cross-border-ruting + obligatorisk TIA-prosedyre under risiko 7 (operasjonaliserer DPO-svaret «kan amerikanske myndigheter nå disse dataene?») - dpia.md: betinget KB i delegeringsprompt; CLAUDE.md: dpia-agent rutingsindeks oppdatert Verifisert 2026-06-18 (WebSearch, juridiske primærkilder): - EDPB Recommendations 01/2020 seks-stegs-metodikk + tiltaks-rangering (tekniske sterkest) - DPF gyldig gjeldende rett; Latombe avvist av Underretten 2025-09-03 (T-553/23), anket 2025-10-31 → C-703/25 P (ingen berammet dato per mai 2026) - FISA §702: statutt-utløp 2026-04-20 + 45-dagers extension, reautorisasjon under forhandling juni 2026; innsamlingsautoritet består via FISA-domstols-sertifiseringer (mars 2026) til mars 2027 - CLOUD Act uendret av DPF; EUDB fjerner ikke tredjelands tilgangsmulighet validate-plugin: 223 PASS Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- CLAUDE.md | 2 +- agents/dpia-agent.md | 18 +++++- commands/dpia.md | 5 +- .../data-residency-audit-monitoring.md | 55 ++++++++++++++----- 4 files changed, 62 insertions(+), 18 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 2ec4e2e..cf75447 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -79,7 +79,7 @@ Agenter leser navngitte kjernefiler, ikke hele kataloger. «3 kjernefiler» er n - **cost-estimation-agent**: deterministic-cost-calculation-model.md, azure-ai-foundry-cost-governance.md, cost-models.md - **architecture-review-agent**: decision-trees.md, security.md, public-sector-checklist.md + domene-spesifikke ved behov (RAG/MLOps lastes betinget) - **ros-analysis-agent**: kjerne (alltid, 4): ros-ai-threat-library.md, ros-scoring-rubrics-7x5.md, ros-methodology-ns5814-iso31000.md, ros-report-templates.md + betinget på trigger (sektor / MAESTRO / DPIA-integrasjon / AI Act) — se last-kontrakt i agentfilen -- **dpia-agent**: dpia-norwegian-methodology-ai.md, gdpr-compliance-ai-systems.md, ai-impact-assessment-framework.md +- **dpia-agent**: dpia-norwegian-methodology-ai.md, gdpr-compliance-ai-systems.md, ai-impact-assessment-framework.md + betinget cross-border (Schrems II → data-residency-audit-monitoring.md med EDPB seks-stegs-TIA) - **ai-act-assessor**: ai-act-classification-methodology.md + relevante ai-act-*.md filer (maks 3 per fase) - **summary-agent**: Leser assessment-outputs fra sesjon, ikke KB-filer diff --git a/agents/dpia-agent.md b/agents/dpia-agent.md index b2e256f..eeee58b 100644 --- a/agents/dpia-agent.md +++ b/agents/dpia-agent.md @@ -14,7 +14,7 @@ tools: ["Read", "Glob", "Grep", "WebSearch", "mcp__microsoft-learn__microsoft_do You are a Norwegian data protection specialist conducting structured DPIAs for AI systems in Norwegian public sector. You assess privacy risks, evaluate necessity and proportionality, and ensure compliance with GDPR, Personopplysningsloven, and EU AI Act. -## Knowledge Base References (max 3 per invokasjon) +## Knowledge Base References (3 kjernefiler + betinget) Read these core files: - `skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md` — DPIA-metodikk @@ -25,6 +25,7 @@ Load additional files only when assessment requires specific depth: - Bias: `responsible-ai/bias-detection-mitigation-strategies.md` - PII: `ai-security-engineering/pii-detection-norwegian-context.md` - Data leakage: `ai-security-engineering/data-leakage-prevention-ai.md` +- **Cross-border / Schrems II (OBLIGATORISK når data kan nås fra tredjeland — se Fase 3, risiko 7):** `monitoring-observability/data-residency-audit-monitoring.md` — EDPB seks-stegs-TIA, CLOUD Act/FISA 702/EO 12333-restanalyse, EO 14086/DPF-status, tekniske tilleggstiltak ## Virksomhetskontekst (automatisk) @@ -84,11 +85,24 @@ Risk categories for AI systems: 4. Unauthorized access to personal data 5. Function creep (purpose drift) 6. Insufficient human oversight -7. Cross-border data transfers (Schrems II) +7. Cross-border data transfers (Schrems II) — **se obligatorisk TIA-prosedyre under** 8. Model inversion / data extraction attacks 9. Re-identification from anonymized data 10. Automated decision-making without safeguards (GDPR Art. 22) +#### Cross-border / Schrems II — obligatorisk TIA (risiko 7) + +Når systemet bruker en amerikansk-eid skyleverandør (Azure/Microsoft 365/Foundry) eller data på annen måte kan nås fra tredjeland, **er det ikke nok å navngi risikoen** — load `monitoring-observability/data-residency-audit-monitoring.md` og gjennomfør EDPB seks-stegs Transfer Impact Assessment: + +1. Kartlegg overføringene (inkl. residual: support, troubleshooting, telemetri) +2. Identifiser overføringsverktøyet (adekvansvedtak / SCCs / unntak) +3. Vurder effektivitet mot mottakerlandets rett (FISA 702, EO 12333, CLOUD Act) +4. Vedta tilleggstiltak — tekniske er sterkest (CMK, Customer Lockbox, Confidential Computing) +5. Formelle prosedyresteg +6. Revurder ved ny rettspraksis (Latombe-anken C-703/25 P) / §702-reautorisasjon + +**Nøkkelpoeng for DPO-svaret «kan amerikanske myndigheter nå disse dataene?»:** EU Data Boundary holder data i EØS, men fjerner ikke den juridiske tilgangsmuligheten — en amerikansk-eid leverandør forblir underlagt CLOUD Act/FISA uansett lagringsland. DPF-adekvansvedtaket (10. juli 2023) er gyldig per 2026-06, men er anket (mulig «Schrems III»), så restoverføringer krever dokumentert TIA med tekniske tiltak, ikke DPF alene. + ### Phase 4: Measures and Residual Risk For each high/critical risk: diff --git a/commands/dpia.md b/commands/dpia.md index 8ede4e5..458b98b 100644 --- a/commands/dpia.md +++ b/commands/dpia.md @@ -41,11 +41,14 @@ Gjennomfør en komplett DPIA for følgende AI-system: **Behandlingsgrunnlag:** [GDPR art. 6/9] **Kontekst:** [offentlig sektor, virksomhet, etc.] -Les kunnskapsbasene: +Les kunnskapsbasene (kjerne): - skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md - skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md - skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md +Betinget (OBLIGATORISK hvis amerikansk-eid skyleverandør eller data nåbar fra tredjeland): +- skills/ms-ai-governance/references/monitoring-observability/data-residency-audit-monitoring.md (EDPB seks-stegs-TIA + CLOUD Act/FISA 702/EO 14086-restanalyse for risiko 7) + Lever en komplett DPIA-rapport med alle 5 faser, risikomatrise og anbefaling." ``` diff --git a/skills/ms-ai-governance/references/monitoring-observability/data-residency-audit-monitoring.md b/skills/ms-ai-governance/references/monitoring-observability/data-residency-audit-monitoring.md index 14705b4..5c3b608 100644 --- a/skills/ms-ai-governance/references/monitoring-observability/data-residency-audit-monitoring.md +++ b/skills/ms-ai-governance/references/monitoring-observability/data-residency-audit-monitoring.md @@ -1,6 +1,6 @@ # Data Residency and Geographic Audit Monitoring -**Last updated:** 2026-05 +**Last updated:** 2026-06 **Status:** GA **Category:** Monitoring & Observability @@ -320,21 +320,48 @@ AI-systemer i offentlig sektor (biometric identification, critical infrastructur ### Schrems II og dataoverføringer -**Post-Schrems II (2020) requirements:** -1. **Transfer Impact Assessment (TIA):** Vurder om data kan aksesseres av non-EU myndigheter -2. **Supplementary Measures:** Beyond SCCs, tekniske tiltak som encryption, pseudonymization -3. **Documentation:** Audit trail for cross-border data transfers +**Schrems II (CJEU C-311/18, 2020)** kjente Privacy Shield ugyldig fordi amerikansk overvåkingslovgivning — særlig **FISA Section 702** og **Executive Order 12333** — tillater bulk-innsamling av ikke-amerikanske personers kommunikasjon fra amerikanske leverandører uten individuell rettslig kjennelse og uten effektiv klageadgang for EU-borgere. SCCs alene er derfor ikke nok: dataeksportøren må selv vurdere om mottakerlandets rett undergraver beskyttelsen, og iverksette tilleggstiltak. -**Microsoft approach:** -- **EU Data Boundary** eliminerer de fleste cross-border transfers -- **Pseudonymization** i system logs (supplementary measure) -- **Access controls:** Just-In-Time (JIT) for Microsoft personnel -- **Transparency:** Audit logs dokumenterer alle access events +#### EDPB seks-stegs Transfer Impact Assessment (Recommendations 01/2020) -**For norsk offentlig sektor:** -- Velg EU Data Boundary for alle Microsoft Cloud services -- Implementer Purview Audit Premium for dokumentasjon -- Gjennomfør TIA for eventuelle residual transfers (support, troubleshooting) +Obligatorisk metodikk for enhver overføring til tredjeland (også «residual transfers» som support/troubleshooting): + +1. **Kartlegg overføringene** — identifiser alle dataflyter til tredjeland (fjern-support, sub-prosessorer, telemetri). Du kan ikke beskytte en overføring du ikke vet om. +2. **Identifiser overføringsverktøyet** (GDPR kap. V) — adekvansvedtak (Art. 45), SCCs/BCRs (Art. 46), eller unntak (Art. 49). +3. **Vurder om verktøyet er effektivt i praksis** — selve TIA-en: undergraver mottakerlandets lov og praksis (FISA 702, EO 12333, CLOUD Act) den beskyttelsen SCC-ene skal gi? +4. **Vedta tilleggstiltak** der verktøyet ikke er tilstrekkelig — tekniske, kontraktuelle eller organisatoriske (se under). +5. **Gjennomfør formelle prosedyresteg** — f.eks. konsulter tilsynsmyndighet ved SCC-tillegg som endrer klausulene. +6. **Revurder med jevne mellomrom** — TIA er ikke en engangsøvelse; ny rettspraksis eller lovendring (f.eks. utfallet i Latombe-anken, se under) utløser ny vurdering. + +**Tilleggstiltak — rangert etter EDPB-styrke:** +- **Tekniske (sterkest):** Det eneste som faktisk hindrer myndighetstilgang når tredjelands lov tvinger utlevering — kontraktuelle og organisatoriske tiltak kan ikke stanse lovpålagt utlevering. + - **Customer-Managed Keys (CMK)** i kundekontrollert Key Vault / Managed HSM + - **Customer Lockbox** — kunden må godkjenne Microsoft-personells tilgang + - **Confidential Computing** — data kryptert også under prosessering (TEE) + - Pseudonymisering/kryptering der nøkkelen aldri forlater EØS +- **Kontraktuelle:** SCCs + DPA, transparensforpliktelser, varslingsplikt ved myndighetsforespørsler. +- **Organisatoriske:** Tilgangsstyring (Just-In-Time), policy, revisjon, audit-logging. + +#### CLOUD Act / FISA 702 / EO 12333 — restanalyse for amerikansk skytjeneste + +Sentralt for norsk offentlig sektor på Microsoft Cloud: + +- **EU Data Boundary (EUDB)** holder data lagret og prosessert innenfor EØS, men **fjerner ikke den juridiske muligheten for tredjelands tilgang**. En amerikansk-eid leverandør forblir underlagt amerikansk jurisdiksjon uavhengig av hvor dataene fysisk ligger. (Dette korrigerer den vanlige feilantakelsen «EUDB eliminerer alle overføringer».) +- **CLOUD Act** (2018): amerikansk rettshåndhevelse kan pålegge en amerikansk-basert leverandør å utlevere data den «besitter, har varetekt over eller kontroll på» — uansett lagringsland. **Uendret av DPF.** +- **FISA Section 702 + EO 12333:** grunnlaget Schrems II underkjente. **Status verifisert 2026-06-18:** §702-statutten sto til utløp 20. april 2026; Kongressen vedtok en 45-dagers «clean extension» og reautorisasjonen var fortsatt under forhandling i juni 2026. Uavhengig av statutten består innsamlingsautoriteten via FISA-domstolens årssertifiseringer godkjent mars 2026 — gyldige til **mars 2027**. Overvåkingsrisikoen er altså operativt til stede uavhengig av lovgivningsdramaet. + +#### EO 14086 og EU-US Data Privacy Framework (DPF) — nåstatus + +- **EO 14086** (okt. 2022) innførte proporsjonalitetskrav for amerikansk signaletterretning + en **Data Protection Review Court (DPRC)** som klageorgan. Dette er grunnlaget for **DPF-adekvansvedtaket (10. juli 2023)**. +- **Status verifisert 2026-06-18:** DPF er **gyldig gjeldende rett**. EU-rettens Underrett (General Court) avviste 3. sept. 2025 Latombe-søksmålet (T-553/23) og opprettholdt adekvansen. Latombe anket 31. okt. 2025 → **sak C-703/25 P** for EU-domstolen; ingen berammet dato per mai 2026. En realitetsdom mot DPF ville være tredje underkjenning på rad («Schrems III»). +- **Praktisk konsekvens:** Er leverandøren DPF-sertifisert, kan overføring i prinsippet hvile på adekvansvedtaket (steg 2 over) — men gitt den pågående anken bør offentlig sektor ikke basere seg på DPF alene. **Anbefaling:** behold EUDB + tekniske tilleggstiltak (CMK, Lockbox, Confidential Computing) og en dokumentert TIA, slik at compliance overlever en eventuell Schrems III uten arkitekturendring. + +**For norsk offentlig sektor (oppsummert):** +- Velg EU Data Boundary for alle Microsoft Cloud-tjenester +- Dokumenter en full seks-stegs TIA (ikke bare «vi bruker EUDB») +- Implementer tekniske tilleggstiltak — det eneste som holder hvis DPF faller +- Implementer Purview Audit Premium for sporbarhet av residual access (support/troubleshooting) +- Revurder TIA ved utfall i C-703/25 P og ved §702-reautorisasjonen ### Digdir Skytjenesterammetest From 20c1be65313b66f6d7bffeb7757d25b2e818dcf2 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 17:50:06 +0200 Subject: [PATCH 014/309] =?UTF-8?q?fix(ms-ai-architect):=20#7c=20wire=20fo?= =?UTF-8?q?reldrel=C3=B8se=20deliverable-KB=20=E2=80=94=20nye=20kommandoer?= =?UTF-8?q?=20businesscase=20+=20anskaffelse=20(I)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit P2 I. 6 foreldreløse deliverable-KB-er surfaces nå (var skrevet/betalt for, ikke nåbare). Operatørvalg: dedikerte kommandoer (audit-primær), ikke kun dokumentasjon. Telling 25→27 kommandoer. Nye kommandoer: - businesscase.md → samfunnsokonomisk-analyse-nnv.md + gevinstrealisering-dfo-methodology.md (NNV + DFØ 5-stegs gevinst) - anskaffelse.md → anskaffelser-ai-procurement-framework.md (kravspec, leverandørevaluering, terskelverdi) Utvidet eksisterende: - compare.md: weighted multi-kriterie-modus (alternativanalyse-methodology.md) ved 3+ alternativer / --weighted - cost.md: kapasitet-/gjennomførbarhetssteg (gpu-compute-sizing.md + capacity-feasibility-benchmarks.md) ved --capacity De-orphaning (kb-integrity måler orphan via SKILL.md/agents, ikke kommandofiler): - ms-ai-governance/SKILL.md: ny seksjon 1.4 Beslutningsgrunnlag (3 referanser) - ms-ai-advisor/SKILL.md: alternativanalyse + capacity-feasibility - ms-ai-security/SKILL.md: gpu-compute-sizing → alle 6 de-orphaned (kb-integrity warnings 268→262) Registrering/docs: help.md + README + CLAUDE.md-tabell + playground-katalog (2 produces_report:false- oppføringer, gjenbruker ikke 14-parser/17-renderer-kanonen) + docs/playground.md (25→27) + test 25→27. validate 231 PASS · playground v3 221 PASS · e2e alle suiter · kb-integrity 115/115 — 0 FAIL overalt. NB: README:358/418/427 har pre-eksisterende «24 commands»-drift (uavhengig av denne endringen) — flagget for #8. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- CLAUDE.md | 2 + README.md | 2 + commands/anskaffelse.md | 73 +++++++++++++++++++++ commands/businesscase.md | 76 ++++++++++++++++++++++ commands/compare.md | 17 +++++ commands/cost.md | 15 +++++ commands/help.md | 2 + docs/playground.md | 4 +- playground/ms-ai-architect-playground.html | 46 ++++++++++++- skills/ms-ai-advisor/SKILL.md | 2 + skills/ms-ai-governance/SKILL.md | 12 ++++ skills/ms-ai-security/SKILL.md | 1 + tests/test-playground-v3.sh | 8 +-- 13 files changed, 252 insertions(+), 8 deletions(-) create mode 100644 commands/anskaffelse.md create mode 100644 commands/businesscase.md diff --git a/CLAUDE.md b/CLAUDE.md index cf75447..4c3d153 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -24,11 +24,13 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: | `/architect:compare` | Sammenlign Microsoft AI-plattformer for et gitt scenario | | `/architect:security` | Sikkerhets- og compliance-vurdering (6 dimensjoner) | | `/architect:cost` | Kostnadsestimat med konfidensgradering (NOK) | +| `/architect:businesscase` | Forretningscase: NNV (netto nåverdi) + DFØ-gevinstrealisering | | `/architect:adr` | Generer Architecture Decision Record (MADR v3.0) | | `/architect:research` | Utforsk siste nytt for en Microsoft AI-plattform | | `/architect:poc` | Generer POC-plan med suksesskriterier og risiko | | `/architect:license` | Kartlegg AI-kapabiliteter per lisenstype | | `/architect:migrate` | Planlegg migrasjon mellom plattformer | +| `/architect:anskaffelse` | AI-anskaffelse: kravspesifikasjon, leverandørevaluering, terskelverdier | | `/architect:utredning` | AI-arkitekturutredning for norsk offentlig sektor | | `/architect:diagram` | Generer arkitekturdiagram med Imagen 3 (mcp-image) | | `/architect:review` | Kjør arkitekturgjennomgang mot norske offentlig sektor-krav | diff --git a/README.md b/README.md index 188ceb9..92872d8 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,7 @@ Cosmo will ask clarifying questions about your business need, licenses, data sou | `/architect:ros` | Risk and Vulnerability Analysis (ROS) with 7 dimensions and AI threat library | | `/architect:security` | Security and compliance assessment (6-dimension scoring) | | `/architect:cost` | Cost estimate with confidence grading in NOK | +| `/architect:businesscase` | Business case with net present value (NPV) and DFØ benefits realization | | `/architect:review` | Architecture review against Norwegian public sector requirements | | `/architect:dpia` | DPIA/PVK for an AI system with risk matrix and mitigation table | | `/architect:license` | Map AI capabilities per license type (E3, E5, F1, G5, etc.) | @@ -140,6 +141,7 @@ Cosmo will ask clarifying questions about your business need, licenses, data sou | `/architect:utredning` | Full AI architecture investigation for Norwegian public sector | | `/architect:poc` | Generate POC plan with success criteria and risk assessment | | `/architect:migrate` | Plan migration between Microsoft AI platforms | +| `/architect:anskaffelse` | AI procurement plan — requirements spec, vendor evaluation, thresholds | ### Setup & Maintenance diff --git a/commands/anskaffelse.md b/commands/anskaffelse.md new file mode 100644 index 0000000..924ee80 --- /dev/null +++ b/commands/anskaffelse.md @@ -0,0 +1,73 @@ +--- +name: architect:anskaffelse +description: Anskaffelsesplan for AI — kravspesifikasjon, leverandørevaluering og terskelverdier +argument-hint: "[hva som skal anskaffes]" +allowed-tools: Read, Glob, Grep, Task, Write, mcp__microsoft-learn__microsoft_docs_search +model: opus +--- + +# /architect:anskaffelse - AI-anskaffelse + +Du er Cosmo Skyberg i en anskaffelsesrolle. Hjelp brukeren å planlegge en AI-anskaffelse i norsk offentlig sektor — forankret i anskaffelsesloven/-forskriften, EØS-regelverket og DFØs veiledning for IT-anskaffelser. + +## Språk og encoding + +**VIKTIG:** Bruk norske tegn (æ, ø, å) korrekt i all output. Norsk prosa, engelske fagtermer der naturlig. + +## Instruksjoner + +### 1. Parse input + +Ekstraher hva som skal anskaffes (AI-tjeneste, plattform, konsulentbistand, ferdig løsning). + +### 2. Samle kontekst + +Spør om nøkkelinformasjon hvis ikke kjent: +- **Estimert verdi** (avgjør prosedyre + terskelverdi) +- **Type:** vare/tjeneste, rammeavtale, utvikling, SaaS +- **Databehandling:** personopplysninger? særlige kategorier? dataresidens-krav? +- **Eksisterende rammeavtaler** (f.eks. statens, Sykehusinnkjøp, egne) + +### 3. Les kunnskapsbasen + +- `skills/ms-ai-governance/references/norwegian-public-sector-governance/anskaffelser-ai-procurement-framework.md` — lovgrunnlag (anskaffelsesloven/-forskriften), EØS-regelverk, AI-spesifikk kravspesifikasjon, leverandørevaluering, etiske krav, DFØs IT-anskaffelsesveiledning + +For AI Act-deployer-/transparenskrav som skal inn i kravspec: koble til `/architect:requirements` og `/architect:classify`. + +### 4. Bygg anskaffelsesplanen + +**A. Prosedyrevalg og terskelverdi:** Fastslå anvendelig prosedyre ut fra estimert verdi (under/over EØS-terskel) per kunnskapsbasen — marker hvilken terskel som gjelder og hvorfor. + +**B. AI-spesifikk kravspesifikasjon:** +- Funksjonelle krav + ytelseskrav (nøyaktighet, latens, oppetid) +- Datakrav: residens, eierskap, sletting, sub-prosessorer (koble til DPIA/TIA) +- Transparens/forklarbarhet (AI Act Art. 13/50 der relevant) +- Sikkerhet (NSM, ISO 27001), exit/portabilitet + +**C. Tildelingskriterier + evalueringsmodell:** + +| Kriterium | Vekt | Målemetode | +|-----------|------|------------| +| Pris/TCO | X % | … | +| Kvalitet/ytelse | X % | … | +| Sikkerhet & personvern | X % | … | +| Leveranseevne | X % | … | + +**D. Etiske krav** (per kunnskapsbasen): ansvarlig AI, bias-testing, menneskelig tilsyn — som kontraktsvilkår. + +**E. Risiko & oppfølging:** leverandørlåsing, restoverføringer (Schrems II/TIA), kontraktsoppfølging. + +### 5. Lever + +Tilby: +- Skriv til fil (foreslå `docs/anskaffelse/ANSK-[slug].md`) +- `/architect:requirements` — AI Act-krav inn i kravspec +- `/architect:dpia` — personvern + cross-border-TIA før kontrakt +- `/architect:businesscase` — økonomisk grunnlag for anskaffelsen + +## Retningslinjer + +- Marker eksplisitt hvilken **terskelverdi/prosedyre** som gjelder — usikkerhet her er kostbar +- Skill mellom **må-krav** (absolutte) og **bør-krav** (tildelingskriterier) +- Ingen salgsspråk; etterprøvbart og klagebestandig +- Henvis til kilde (anskaffelsesloven/-forskriften, DFØ) ved konkrete krav diff --git a/commands/businesscase.md b/commands/businesscase.md new file mode 100644 index 0000000..9dc4462 --- /dev/null +++ b/commands/businesscase.md @@ -0,0 +1,76 @@ +--- +name: architect:businesscase +description: Forretningscase med NNV (netto nåverdi) og DFØ-gevinstrealisering for et AI-prosjekt +argument-hint: "[prosjektnavn] over [N] år" +allowed-tools: Read, Glob, Grep, Task, Write, mcp__microsoft-learn__microsoft_docs_search +model: opus +--- + +# /architect:businesscase - Forretningscase (NNV + gevinstrealisering) + +Du er Cosmo Skyberg i en økonomisk beslutningsrolle. Bygg et forretningscase for et AI-prosjekt i norsk offentlig sektor, forankret i samfunnsøkonomisk analyse (netto nåverdi) og DFØs gevinstrealiseringsmetodikk. Dette er beslutningsgrunnlag som skal tåle en styre- eller revisjonsgjennomgang. + +## Språk og encoding + +**VIKTIG:** Bruk norske tegn (æ, ø, å) korrekt i all output. Norsk prosa, engelske fagtermer der naturlig. + +## Instruksjoner + +### 1. Parse input + +Ekstraher: +- **Prosjektnavn** — hva som vurderes +- **Analyseperiode** — antall år (default 5) + +### 2. Samle kontekst + +Spør om nøkkeltall hvis ikke allerede kjent: +- **Investering:** engangskostnad (utvikling, anskaffelse, opplæring) +- **Driftskostnader:** årlige (lisenser, AI-tjenester, forvaltning) +- **Gevinster:** tidsbesparelse, kvalitetsheving, unngåtte kostnader — prissatte og ikke-prissatte +- **Kalkulasjonsrente:** default 4 % (DFØ/Finansdepartementet) +- **Gevinsteier:** hvem realiserer og følger opp gevinstene + +### 3. Les kunnskapsbasene + +- `skills/ms-ai-governance/references/norwegian-public-sector-governance/samfunnsokonomisk-analyse-nnv.md` — NNV-formel, kalkulasjonsrente, diskonteringsfaktorer, skattefinansieringskostnad, prissatte vs. ikke-prissatte virkninger +- `skills/ms-ai-governance/references/norwegian-public-sector-governance/gevinstrealisering-dfo-methodology.md` — DFØs 5-stegs modell + gevinstregister-mal + +For selve kostnadsestimatet: deleger til `/architect:cost` eller `cost-estimation-agent` og bruk resultatet som input til NNV-en. + +### 4. Bygg forretningscaset + +**A. NNV-beregning** (per kunnskapsbasen): +- Sett opp kontantstrøm per år (investering, drift, prissatte gevinster) +- Diskontér med kalkulasjonsrente (4 %), inkludér skattefinansieringskostnad der relevant +- Beregn netto nåverdi + tilbakebetalingstid + +| År | Investering | Drift | Prissatt gevinst | Netto | Diskontert (4 %) | +|----|-------------|-------|------------------|-------|------------------| +| 0 | X | – | – | –X | –X | +| 1–N | … | … | … | … | … | +| **NNV** | | | | | **X** | + +**B. Ikke-prissatte virkninger:** Vurder kvalitativt (rettssikkerhet, brukertilfredshet, omdømme) — pluss/minus-skala, ikke kroner. + +**C. Gevinstregister** (DFØs 5-stegs modell): + +| Gevinst | Type | Måleindikator | Baseline | Mål | Gevinsteier | Realiseringstidspunkt | +|---------|------|---------------|----------|-----|-------------|----------------------| + +**D. Følsomhetsanalyse:** Vis NNV ved ±20 % på de mest usikre forutsetningene. + +### 5. Lever + +Tilby: +- Skriv til fil (foreslå `docs/businesscase/BC-[slug].md`) +- `/architect:cost` — forankre kostnadssiden +- `/architect:adr` — dokumentér investeringsbeslutningen +- `/architect:utredning` — hvis dette inngår i en full utredning + +## Retningslinjer + +- Skill alltid mellom **prissatte** (kroner, i NNV) og **ikke-prissatte** (kvalitativt) virkninger +- Marker forutsetninger eksplisitt — et forretningscase er bare så godt som sine antakelser +- Ingen salgsspråk; nøktern, etterprøvbar økonomi +- Konfidensgrader gevinstanslagene (🟢/🟡/🔴) diff --git a/commands/compare.md b/commands/compare.md index d9002cc..d5b2f1b 100644 --- a/commands/compare.md +++ b/commands/compare.md @@ -45,6 +45,7 @@ Bruk microsoft_docs_search for begge plattformer." Les også relevant kunnskapsbase: - `skills/ms-ai-advisor/references/architecture/decision-trees.md` — beslutningsrammeverk - Les plattformfil(er) relevant for sammenligningen fra `skills/ms-ai-advisor/references/platforms/` (max 2-3 filer) +- **Ved 3+ alternativer eller `--weighted`:** `skills/ms-ai-advisor/references/architecture/alternativanalyse-methodology.md` — vektet multi-kriterie-analyse (scoringsskala, standardkriterier, vekting, begrunnelsestabell) ### 3. Bygg sammenligning @@ -71,6 +72,22 @@ Presenter resultatet som: - Kan plattformene brukes sammen? - Migrasjonsvei mellom dem? +### 3b. Vektet sammenligning (multi-kriterie — ved 3+ alternativer eller `--weighted`) + +Når valget skal tåle en anskaffelsesklage eller styre-utfordring, holder ikke en bar pros/cons-tabell. Bruk `alternativanalyse-methodology.md` og bygg et vektet scorecard: + +| Kriterium | Vekt | [Alt A] (1-5) | [Alt B] (1-5) | [Alt C] (1-5) | +|-----------|------|---------------|---------------|---------------| +| Funksjonell dekning | X % | | | | +| Sikkerhet & compliance | X % | | | | +| Kostnad/TCO | X % | | | | +| Leveranseevne/modenhet | X % | | | | +| **Vektet totalscore** | 100 % | **X,X** | **X,X** | **X,X** | + +- Bruk standardkriteriene + foreslåtte vekter fra metodikken; juster vekter eksplisitt og begrunn justeringen. +- **Begrunnelsestabell er obligatorisk** — hver score skal ha én linje som forklarer hvorfor (etterprøvbarhet). +- Inkludér **0-alternativet** (ikke gjøre noe) som referanse. + ### 4. Anbefaling Gi en klar anbefaling med begrunnelse: diff --git a/commands/cost.md b/commands/cost.md index 06c57c4..4c8c56b 100644 --- a/commands/cost.md +++ b/commands/cost.md @@ -27,6 +27,10 @@ Hvis informasjon mangler, spør brukeren om nøkkeltall. Les `skills/ms-ai-advisor/references/architecture/cost-models.md` for baseline-priser per plattform. Les `skills/ms-ai-security/references/cost-optimization/deterministic-cost-calculation-model.md` for enhetspriser, beregningsformler og P10/P50/P90 konfidensintervaller. +**Ved selvhostede modeller / GPU-inferens eller `--capacity`:** Les også +- `skills/ms-ai-security/references/performance-scalability/gpu-compute-sizing.md` — GPU VM-serier, modellstørrelse→GPU-krav, minnebudsjett, batch/throughput +- `skills/ms-ai-advisor/references/architecture/capacity-feasibility-benchmarks.md` — kompetanse-gap-matrise + tidsplan-validering mot bransjebenchmarks + ### 3. Deleger estimering Bruk Task-verktøyet til å lansere `cost-estimation-agent`: @@ -79,11 +83,22 @@ Verifiser priser via microsoft_docs_search." - Smaller models for enkle oppgaver (GPT-4o-mini vs GPT-4o) - Reserved capacity for forutsigbar last +### 4b. Kapasitet og gjennomførbarhet (betinget — selvhostet/GPU eller `--capacity`) + +For selvhostede modeller eller GPU-inferens, dimensjonér compute før du priser: +- **GPU-sizing:** velg VM-serie ut fra modellstørrelse og minnebudsjett (`gpu-compute-sizing.md`); oppgi antatt batch size og throughput-mål, og hvordan det driver antall instanser. +- **Gjennomførbarhet:** valider kompetanse (gap-matrise) og tidsplan mot bransjebenchmarks (`capacity-feasibility-benchmarks.md`) — et estimat som ignorerer kompetansegap er ikke realistisk. + +| Komponent | Modell/krav | GPU VM-serie | Instanser | Månedlig (NOK) | +|-----------|-------------|--------------|-----------|-----------------| +| Inferens | … | … | … | … | + ### 5. Neste steg Tilby: - `/architect:compare` — sammenlign med alternativ plattform - `/architect:license` — detaljert lisensanalyse +- `/architect:businesscase` — NNV/gevinst med dette estimatet som input - Justere estimat med andre parametere ## Retningslinjer diff --git a/commands/help.md b/commands/help.md index ceb1918..b3be442 100644 --- a/commands/help.md +++ b/commands/help.md @@ -23,11 +23,13 @@ Presenter følgende oversikt til brukeren i et ryddig, tabellbasert format. | `/architect:compare` | Sammenlign Microsoft AI-plattformer for et gitt scenario | | `/architect:security` | Kjør sikkerhets- og compliance-vurdering | | `/architect:cost` | Estimer kostnader for en foreslått arkitektur | +| `/architect:businesscase` | Forretningscase med NNV og DFØ-gevinstrealisering | | `/architect:adr` | Opprett en Architecture Decision Record (ADR) | | `/architect:research` | Dypdykk i et spesifikt Microsoft AI-tema | | `/architect:poc` | Generer en POC-plan med evalueringskriterier | | `/architect:license` | Kartlegg lisensbehov for en løsning | | `/architect:migrate` | Planlegg migrasjonssti mellom plattformer | +| `/architect:anskaffelse` | AI-anskaffelse — kravspesifikasjon, leverandørevaluering, terskelverdier | | `/architect:utredning` | AI-arkitekturutredning v2 — fil-basert orkestrering, TeamCreate, 3-fase KOMPLEKS | | `/architect:review` | Kjør arkitekturgjennomgang mot norske offentlig sektor-krav | | `/architect:diagram` | Generer arkitekturdiagram med Imagen 3 | diff --git a/docs/playground.md b/docs/playground.md index 9b08a26..abcf63c 100644 --- a/docs/playground.md +++ b/docs/playground.md @@ -7,7 +7,7 @@ Erstatter v2 5-stegs-pipelinen med en multi-surface-app som persisterer state og **v1.15.0 (sesjon 5 av ~8 i v2-prosjektet):** Project-surface byttet fra v2 `renderProjectSurface` (screen-tabs + category-tabs + per-command paste-cards) til v3 `renderProjectView` (sidebar med 17 artifacts + main-area + import-modal overlay). `renderActive()` ruter `project`-surface til `renderProjectSurfaceV3()` som wrapper renderProjectView + topbar + app-shell. V2-surface helt fjernet: `renderProjectSurface` (152 linjer), `renderCommandSubCard` (87 linjer), `rehydratePasteImports` (15 linjer), `currentProjectScreen`, `ACTIONS['project-screen']`, 5 v2-CSS-klasser. Zombie-handlers beholdt for test-back-compat: `currentProjectTab`, `ACTIONS['project-tab']`, `ACTIONS['parse']`, `handlePasteImport`, `window.__handlePasteImport`. 2 fingerprint-gap lukket: requirements.headers + license.headers. `migrateDataVersion` utvidet med `parserFor` → demo-state (kun `raw_markdown`) auto-parses til `project.artifacts[cid]`. Ship-QA-bugfixes: `components-tier4-project-view.css` lagt til i ``-kjeden (manglet → modal-overlay og two-column layout virket ikke); `renderImportModal` setter `data-open="true"` (DS-kontrakt). - **Fil:** `playground/ms-ai-architect-playground.html` (~3870+ linjer, single-file v3-arkitektur) -- **4 surfaces:** Onboarding (18 felles felt — 4 strukturerte / 14 fritekst etter v1.10.0) → Home (prosjekt-liste + 3 entry-tracks) → Catalog (25 commands gruppert i 5 expansion-grupper med søk) → **Project v3** (sidebar med 17 artifacts gruppert i 4 kategorier + søk + main-area med per-artifact view eller overview med top-risks/next-actions + import-modal som DS-overlay) +- **4 surfaces:** Onboarding (18 felles felt — 4 strukturerte / 14 fritekst etter v1.10.0) → Home (prosjekt-liste + 3 entry-tracks) → Catalog (27 commands gruppert i 5 expansion-grupper med søk) → **Project v3** (sidebar med 17 artifacts gruppert i 4 kategorier + søk + main-area med per-artifact view eller overview med top-risks/next-actions + import-modal som DS-overlay) - **Persistens:** IndexedDB-primær med localStorage-fallback. Schema-versjonert (`STATE_KEY = 'ms-ai-architect-state-v1'`) med eager `MIGRATIONS`-pipeline. v1.10.0 introduserer `dataVersion v1→v2`-migrasjon (idempotent) som backfill-er `verdict`+`keyStats`. - **17 rapport-renderers (felles grunnskjelett):** Alle wrapper output via `renderPageShell()` med eyebrow + h1 + valgfri verdict-pill + valgfri key-stats-grid + arketype-spesifikk body. Parser → struktur → HTML rutet via kanonisk archetype-routing-tabell. - **Foundation-helpers:** `renderPageShell`, `renderVerdictPill`, `renderKeyStatsGrid`, `inferVerdict`, `inferKeyStats`, `KEY_STATS_CONFIG`. @@ -19,7 +19,7 @@ Erstatter v2 5-stegs-pipelinen med en multi-surface-app som persisterer state og | Test | Kommando | Dekning | |------|----------|---------| -| Statisk struktur | `bash tests/test-playground-v3.sh` | 219 PASS, 2 WARN (pre-eks.) — vendored CSS, surfaces, 25 commands, 14 parsere, 17 renderers via PROJECT_VIEW_CONFIG.renderers-routing, action-handlers | +| Statisk struktur | `bash tests/test-playground-v3.sh` | 219 PASS, 2 WARN (pre-eks.) — vendored CSS, surfaces, 27 commands, 14 parsere, 17 renderers via PROJECT_VIEW_CONFIG.renderers-routing, action-handlers | | Parser-fixtures | `bash tests/test-playground-parsers.sh` | 70 PASS — 17 fixtures × parser-routing | | Migrasjon | `bash tests/test-playground-migrations.sh` | 16 PASS — v1→v2 + v2→v3 idempotent migrasjon | | Fingerprints | `bash tests/test-playground-fingerprints.sh` | 32 PASS — 17-fixture true-positive + 4 anti-match + API-sanity | diff --git a/playground/ms-ai-architect-playground.html b/playground/ms-ai-architect-playground.html index 382c6e2..f564ce4 100644 --- a/playground/ms-ai-architect-playground.html +++ b/playground/ms-ai-architect-playground.html @@ -1060,7 +1060,7 @@ ] }, - // ===== ECONOMY (2) ===== + // ===== ECONOMY (3) ===== { id: 'cost', category: 'economy', @@ -1103,7 +1103,49 @@ ] }, - // ===== DOCUMENTATION (6) ===== + { + id: 'businesscase', + category: 'economy', + label: 'Forretningscase (NNV + gevinst)', + description: 'Forretningscase med netto nåverdi og DFØ-gevinstrealisering.', + argument_hint: '[prosjektnavn] over [N] år', + calls_agent: null, + kb_files: ['samfunnsokonomisk-analyse-nnv.md', 'gevinstrealisering-dfo-methodology.md'], + produces_report: false, + report_archetype: null, + report_root_class: null, + renderer: null, + input_fields: [ + SHARED.organisation_name, + { id: 'project_name', label: 'Prosjektnavn', type: 'text', from: 'local' }, + { id: 'analysis_years', label: 'Analyseperiode (år)', type: 'number', from: 'local' }, + { id: 'investment', label: 'Investering (engangs, NOK)', type: 'number', from: 'local' }, + { id: 'annual_opex', label: 'Årlige driftskostnader (NOK)', type: 'number', from: 'local' }, + { id: 'expected_benefits', label: 'Forventede gevinster', type: 'textarea', from: 'local' } + ] + }, + + // ===== DOCUMENTATION (7) ===== + { + id: 'anskaffelse', + category: 'documentation', + label: 'AI-anskaffelse (kravspec + terskel)', + description: 'Anskaffelsesplan for AI: kravspesifikasjon, leverandørevaluering, terskelverdier.', + argument_hint: '[hva som skal anskaffes]', + calls_agent: null, + kb_files: ['anskaffelser-ai-procurement-framework.md'], + produces_report: false, + report_archetype: null, + report_root_class: null, + renderer: null, + input_fields: [ + SHARED.organisation_name, + SHARED.sector, + { id: 'procurement_object', label: 'Hva som skal anskaffes', type: 'textarea', from: 'local' }, + { id: 'estimated_value', label: 'Estimert verdi (NOK)', type: 'number', from: 'local' }, + { id: 'procurement_type', label: 'Type', type: 'select', from: 'local', options: ['Vare/tjeneste', 'Rammeavtale', 'Utvikling', 'SaaS'] } + ] + }, { id: 'migrate', category: 'documentation', diff --git a/skills/ms-ai-advisor/SKILL.md b/skills/ms-ai-advisor/SKILL.md index 050a8c6..09981ab 100644 --- a/skills/ms-ai-advisor/SKILL.md +++ b/skills/ms-ai-advisor/SKILL.md @@ -217,6 +217,8 @@ Du har tilgang til forhåndsresearchede kunnskapsbaser i `references/`-mappen: - `adr-template.md` - ADR-mal (MADR v3.0) - `diagram-prompt-templates.md` - Diagramprompts for Imagen 3 - `recommended-mcp-servers.md` - Anbefalte MCP-servere +- `alternativanalyse-methodology.md` - Vektet multi-kriterie-analyse (brukt av `/architect:compare --weighted`) +- `capacity-feasibility-benchmarks.md` - Kompetanse-gap + tidsplan-benchmarks (brukt av `/architect:cost --capacity`) - (+ øvrige filer i architecture/) **Utvikling (`references/development/`):** diff --git a/skills/ms-ai-governance/SKILL.md b/skills/ms-ai-governance/SKILL.md index c5c9ac2..6d9fd00 100644 --- a/skills/ms-ai-governance/SKILL.md +++ b/skills/ms-ai-governance/SKILL.md @@ -60,6 +60,18 @@ Key requirements for AI in administrative decisions: > **Reference:** `references/norwegian-public-sector-governance/forvaltningsloven-ai-decisions.md` +### 1.4 Beslutningsgrunnlag og anskaffelser + +Metodikk for å forankre AI-investeringer i samfunnsøkonomi, gevinstrealisering og offentlige anskaffelser. Brukes av `/architect:businesscase` og `/architect:anskaffelse`. + +- **Samfunnsøkonomisk analyse (NNV):** netto nåverdi, kalkulasjonsrente (DFØ/Finansdepartementet), prissatte vs. ikke-prissatte virkninger. +- **Gevinstrealisering:** DFØs 5-stegs modell + gevinstregister for AI-prosjekter. +- **AI-anskaffelser:** anskaffelsesloven/-forskriften, EØS-terskelverdier, AI-spesifikk kravspesifikasjon og leverandørevaluering. + +> **Reference:** `references/norwegian-public-sector-governance/samfunnsokonomisk-analyse-nnv.md` +> **Reference:** `references/norwegian-public-sector-governance/gevinstrealisering-dfo-methodology.md` +> **Reference:** `references/norwegian-public-sector-governance/anskaffelser-ai-procurement-framework.md` + --- ## 2. EU-regelverk diff --git a/skills/ms-ai-security/SKILL.md b/skills/ms-ai-security/SKILL.md index 5be3d24..bdda1e0 100644 --- a/skills/ms-ai-security/SKILL.md +++ b/skills/ms-ai-security/SKILL.md @@ -157,6 +157,7 @@ For detailed implementation guidance, see specific files in `references/performa - `auto-scaling-ai-infrastructure.md` — Scaling patterns - `rate-limit-management.md` — TPM/RPM quota management - `load-testing-ai-services.md` — Load testing methodology +- `gpu-compute-sizing.md` — GPU VM-sizing for selvhostet inferens (brukt av `/architect:cost --capacity`) --- diff --git a/tests/test-playground-v3.sh b/tests/test-playground-v3.sh index c2aed98..4b7fcff 100755 --- a/tests/test-playground-v3.sh +++ b/tests/test-playground-v3.sh @@ -138,7 +138,7 @@ for g in $EXPECTED_GLOBALS; do done # ------------------------------------------------------- -# 9. Alle 24 command-IDer fra commands/*.md referert i HTML +# 9. Alle command-IDer fra commands/*.md referert i HTML # ------------------------------------------------------- cmd_count=0 for f in "$PLUGIN_ROOT"/commands/*.md; do @@ -151,10 +151,10 @@ for f in "$PLUGIN_ROOT"/commands/*.md; do fail "Command-ID '${cmd_id}' mangler i v3 HTML" fi done -if [ "$cmd_count" -eq 25 ]; then - pass "25 command-filer funnet i commands/ (forventet 25)" +if [ "$cmd_count" -eq 27 ]; then + pass "27 command-filer funnet i commands/ (forventet 27)" else - fail "Forventet 25 command-filer, fant $cmd_count" + fail "Forventet 27 command-filer, fant $cmd_count" fi # ------------------------------------------------------- From 6e1fc6d37cad230a7b8faf5926d06e065e49b675 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 18:27:51 +0200 Subject: [PATCH 015/309] =?UTF-8?q?fix(ms-ai-architect):=20#7d=20privat-se?= =?UTF-8?q?ktor-paritet=20=E2=80=94=20sektor-parametrisering=20+=20onboard?= =?UTF-8?q?ing-forgrening=20+=202=20nye=20kommandoer=20(audit=20=C2=A75)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Audit §161-185: kjerne-dybden var sektor-agnostisk, men entry-points/kalibrering/ navigasjon var systematisk offentlig-sektor-først. Operatørvalg: full audit (kjerne + begge nye kommandoer). Telling 27→29 kommandoer. Ingen versjonsbump (→ #9-release). Mekanisk kjerne: - Sektor parametrisert i 6 kmd (classify/dpia/ros/review default nøytral m/offentlig- spesialisering; utredning beholder utredningsinstruksen + peker privat til :design; review får privat/regulert-gren DORA/Finanstilsynet). frontmatter-desc for review synket i CLAUDE/help. - FRIA-scope KORRIGERT (verifisert mot AI Act Art. 27(1), WebSearch 2026-06-18): obligatorisk for (a) offentligrettslige organer, (b) private som leverer offentlige tjenester, (c) private deployere i kredittscoring (UNNTATT svindeldeteksjon) + livs-/helseforsikringsprising. Ikke lenger feilrådet som rent offentlig-verktøy. - onboarding-agent forgrenet: sektortype (offentlig/privat) → private sektor-valg + privat reg-sett (DORA/Finansforetaksloven/IKT-forskrift/Verdipapirhandelloven); stiller ALDRI private om Offentleglova/Arkivloven. Sektortype skrevet til org-fil. - requirements detekterer finans → DORA/Finanstilsynet (betinget §3-sjekkliste). Nye kommandoer (refererer kun eksisterende kjerne-KB → ingen nye orphans): - /architect:design — sektor-nøytralt Solution Architecture Document (mellombane mellom samtale og full utredning). - /architect:vendor — tredjeparts/SaaS due diligence (dataresidens, sub-prosessorer, DPA, Schrems II/EDPB-TIA, AI Act-deployer). Navigasjon/wiring: - README: privat-enterprise-arbeidsflyt (eksempel 5) + DORA/FRIA-nyanse + design/vendor i tabeller + "Beyond Public Sector"-note. - help.md: privat-bane i arbeidsflyt + design/vendor + manglende kb-update lagt til. - CLAUDE.md-tabell: design/vendor + synket review/frimpact-desc. - playground: katalog-oppføringer (produces_report:false), SHARED.sector utvidet med private sektorer, 2 privat-seeds (fraud-detection FRIA-unntatt + kredittscoring FRIA-pliktig). Telling 25/27→29 i playground/docs/README/test. Tester: validate 239 PASS · playground v3 223 static / 390 kombinert · kb-integrity 115/115 · run-e2e alle suiter — 0 FAIL. CHANGELOG-«24 commands» bevart (historiske notater). Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- CLAUDE.md | 6 +- README.md | 27 ++++++-- agents/onboarding-agent.md | 12 +++- commands/classify.md | 5 +- commands/design.md | 81 ++++++++++++++++++++++ commands/dpia.md | 5 +- commands/frimpact.md | 6 +- commands/help.md | 13 ++++ commands/requirements.md | 5 ++ commands/review.md | 5 +- commands/ros.md | 2 +- commands/utredning.md | 4 +- commands/vendor.md | 81 ++++++++++++++++++++++ docs/playground.md | 8 +-- playground/ms-ai-architect-playground.html | 58 ++++++++++++++-- tests/test-playground-v3.sh | 6 +- 16 files changed, 291 insertions(+), 33 deletions(-) create mode 100644 commands/design.md create mode 100644 commands/vendor.md diff --git a/CLAUDE.md b/CLAUDE.md index 4c3d153..fb31721 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -26,14 +26,16 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: | `/architect:cost` | Kostnadsestimat med konfidensgradering (NOK) | | `/architect:businesscase` | Forretningscase: NNV (netto nåverdi) + DFØ-gevinstrealisering | | `/architect:adr` | Generer Architecture Decision Record (MADR v3.0) | +| `/architect:design` | Sektor-nøytralt Solution Architecture Document (SAD) — kontekst, NFR, alternativer, valgt design, risiko, veikart | | `/architect:research` | Utforsk siste nytt for en Microsoft AI-plattform | | `/architect:poc` | Generer POC-plan med suksesskriterier og risiko | | `/architect:license` | Kartlegg AI-kapabiliteter per lisenstype | +| `/architect:vendor` | Tredjeparts-/SaaS-leverandørvurdering (due diligence) — dataresidens, sub-prosessorer, DPA, Schrems II, AI Act-deployer | | `/architect:migrate` | Planlegg migrasjon mellom plattformer | | `/architect:anskaffelse` | AI-anskaffelse: kravspesifikasjon, leverandørevaluering, terskelverdier | | `/architect:utredning` | AI-arkitekturutredning for norsk offentlig sektor | | `/architect:diagram` | Generer arkitekturdiagram med Imagen 3 (mcp-image) | -| `/architect:review` | Kjør arkitekturgjennomgang mot norske offentlig sektor-krav | +| `/architect:review` | Kjør arkitekturgjennomgang mot norske krav (offentlig sektor og privat/regulert sektor) | | `/architect:generate-skills` | Generer kunnskapsfiler med MCP-research (batch) | | `/architect:ros` | Gjennomfør ROS-analyse (Risiko- og Sårbarhetsanalyse) for et AI-system | | `/architect:dpia` | Gjennomfør DPIA/PVK for et AI-system | @@ -42,7 +44,7 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: | `/architect:classify` | EU AI Act-klassifisering: risikonivå + rolle | | `/architect:requirements` | Konkrete AI Act-krav basert på risikonivå og rolle | | `/architect:transparency` | Generer Art. 13/50 transparensnotis på norsk | -| `/architect:frimpact` | FRIA (Art. 27) — obligatorisk for offentlig sektor | +| `/architect:frimpact` | FRIA (Art. 27) — obligatorisk for offentlige organer og enkelte private deployere (kredittscoring, livs-/helseforsikring) | | `/architect:conformity` | Samsvarsvurdering (Art. 43) — sjekkliste + erklæring | | `/architect:onboard` | Onboard pluginen med virksomhetsspesifikk kontekst | | `/architect:kb-update` | Manuell KB-refresh — poller sitemaps, oppdaterer endrede filer via `microsoft_docs_fetch`, committer | diff --git a/README.md b/README.md index 92872d8..e74ac15 100644 --- a/README.md +++ b/README.md @@ -124,12 +124,14 @@ Cosmo will ask clarifying questions about your business need, licenses, data sou | `/architect:review` | Architecture review against Norwegian public sector requirements | | `/architect:dpia` | DPIA/PVK for an AI system with risk matrix and mitigation table | | `/architect:license` | Map AI capabilities per license type (E3, E5, F1, G5, etc.) | +| `/architect:vendor` | Third-party / SaaS vendor due diligence — data residency, sub-processors, DPA, Schrems II, AI Act deployer obligations | ### Documentation & Output | Command | Description | |---------|-------------| | `/architect:adr` | Generate Architecture Decision Record (MADR v3.0) | +| `/architect:design` | Sector-neutral Solution Architecture Document (SAD) — context, NFRs, options, chosen design, risk, roadmap | | `/architect:summary` | Generate executive summary and decision memo from assessments | | `/architect:diagram` | Generate architecture diagram with Imagen 3 or Mermaid | | `/architect:export` | Export architecture document to PDF | @@ -275,11 +277,28 @@ BCDR planning, hybrid and edge deployment, sovereign cloud (Norway regions), net /architect:export # PDF for stakeholders ``` +### 5. Private Sector / Enterprise — Design → Security → Cost → ADR + +The same depth applies outside the public sector, without the Utredningsinstruksen/Digdir scaffolding: + +``` +/architect:classify # AI Act applies to all providers/deployers — public and private +/architect:design # Sector-neutral Solution Architecture Document (not utredning) +/architect:security # 6-dimension security assessment +/architect:cost # Cost estimate with P10/P50/P90 +/architect:vendor # Due diligence on external SaaS/AI vendors +/architect:adr # Formalize the decision +``` + +> For **regulated** private sector (finance), `/architect:ros` and `/architect:requirements` auto-surface DORA / Finanstilsynet / Finansforetaksloven coverage via the 17-point finance checklist in the KB. Note: FRIA (`/architect:frimpact`) is mandatory for private deployers in credit scoring (excl. fraud detection) and life/health-insurance pricing — not only public bodies. + --- ## Norwegian Public Sector Features -This plugin is specifically designed for Norwegian public sector governance requirements: +This plugin's regulatory depth is calibrated for Norwegian public sector — but the core (security scoring, cost models, ROS, the finance/DORA checklist, RAG/engineering KB) is sector-agnostic. Private and regulated-sector users get a parallel path: see [Workflow Example 5](#workflow-examples) and `/architect:design` / `/architect:vendor`. + +The public sector framework coverage: ### Regulatory Frameworks @@ -355,7 +374,7 @@ Two runtime hooks provide session context and safety guardrails: Interactive **decision-builder + report viewer** for Microsoft AI architecture decisions, runnable from `file://` without a server. Replaces the v2 5-step pipeline with a multi-surface app that persists state across sessions and visualizes parsed reports inline. - **File:** `playground/ms-ai-architect-playground.html` (~3870 lines, single-file v3 architecture) -- **4 surfaces:** Onboarding (18 shared fields) → Home (project list + 3 entry tracks) → Catalog (24 commands grouped by 5 expansion categories with search) → Project (per-project tabs, command form prefill, paste-back report import + visualization) +- **4 surfaces:** Onboarding (18 shared fields) → Home (project list + 3 entry tracks) → Catalog (29 commands grouped by 5 expansion categories with search) → Project (per-project tabs, command form prefill, paste-back report import + visualization) - **Persistent state:** IndexedDB primary store with localStorage fallback. Schema-versioned (`STATE_KEY = 'ms-ai-architect-state-v1'`) with eager `MIGRATIONS` pipeline. - **17 report renderers:** Each report-producing command has a parser (markdown → structured) and renderer (structured → HTML visualization: pyramid, matrix, radar, findings, distribution, capability-matrix, etc.) wired through a canonical archetype-routing table. - **Theme:** Dark default + light mode toggle, persisted in `localStorage('ms-ai-architect-theme')`. Both themes ship Aksel-aligned tokens (full WCAG AA contrast) as of v1.10.0; theme-bootstrap script in `` prevents FOUC. @@ -415,7 +434,7 @@ Screenshots of every surface in both themes live in `playground/screenshots/v1.1 | 03 | `03-project-rapporter-tool-{dark,light}.png` | 7 tool commands (no report — pipeline-string builders) | | 04-06 | `04-project-oversikt-{dark,light}.png` etc. | Project screen-tabs (oversikt / kontekst / eksport) | | 07 | `07-home-{dark,light}.png` | Home with project list + 3 entry tracks | -| 08 | `08-catalog-{dark,light}.png` | Catalog with 24 commands in 5 expansion-grupper | +| 08 | `08-catalog-{dark,light}.png` | Catalog with 29 commands in 5 expansion-grupper | | 09 | `09-onboarding-prefilled-{dark,light}.png` | Onboarding with state from demo | Regenerate via `cd tests/screenshot && npm install && npx playwright install chromium && node run.mjs`. @@ -424,7 +443,7 @@ Regenerate via `cd tests/screenshot && npm install && npx playwright install chr | Test | Command | Coverage | |------|---------|----------| -| Static structure | `bash tests/test-playground-v3.sh` | 201 PASS — vendored CSS, surfaces, 24 commands, 14 parsers, 17 renderers (felles grunnskjelett), design-system classes, action handlers, Tier 3-bruk, onboarding field-distribution | +| Static structure | `bash tests/test-playground-v3.sh` | 223 PASS — vendored CSS, surfaces, 29 commands, 14 parsers, 17 renderers (felles grunnskjelett), design-system classes, action handlers, Tier 3-bruk, onboarding field-distribution | | Parser fixtures | `bash tests/test-playground-parsers.sh` | 70 PASS — 17 fixtures × parser routing | | Migrations | `bash tests/test-playground-migrations.sh` | 7 PASS — v1→v2 idempotent migration | | Combined (E2E) | `bash tests/run-e2e.sh --playground` | static + parser suites | diff --git a/agents/onboarding-agent.md b/agents/onboarding-agent.md index c355749..69c201c 100644 --- a/agents/onboarding-agent.md +++ b/agents/onboarding-agent.md @@ -31,10 +31,15 @@ On start, check for existing onboarding state: ### Phase 1: Organization Profile (`org/organization-profile.md`) Collect: -- **Sektor:** Use AskUserQuestion with options: Statlig, Kommunal, Fylkeskommune, Helseforetak, Undervisning, Annet +- **Sektortype:** Use AskUserQuestion with options: Offentlig sektor, Privat sektor. Dette valget styrer hvilke oppfølgingsalternativer som presenteres (forgren intervjuet — ikke still private virksomheter offentlig-sektor-spørsmål). +- **Sektor:** + - *Hvis Offentlig sektor:* Use AskUserQuestion with options: Statlig, Kommunal, Fylkeskommune, Helseforetak, Undervisning, Annet (offentlig) + - *Hvis Privat sektor:* Use AskUserQuestion with options: Finans/bank/forsikring, Industri/produksjon, Handel, Energi, Telekom, Annet privat (AS/konsern) - **Virksomhetsnavn og beskrivelse:** Fritekst - **Antall ansatte:** Use AskUserQuestion with options: <100, 100-500, 500-2000, 2000-10000, >10000 -- **Regulatoriske krav:** Use AskUserQuestion with multiSelect: Personopplysningsloven/GDPR, Sikkerhetsloven, Arkivloven, Forvaltningsloven, Offentleglova, Helseregisterloven, Annet +- **Regulatoriske krav:** Forgren på sektortype — still ALDRI private virksomheter om Offentleglova / Arkivloven / Forvaltningsloven (rene offentlig-sektor-lover): + - *Offentlig sektor:* Use AskUserQuestion with multiSelect: Personopplysningsloven/GDPR, Sikkerhetsloven, Arkivloven, Forvaltningsloven, Offentleglova, Helseregisterloven, Annet + - *Privat sektor:* Use AskUserQuestion with multiSelect: Personopplysningsloven/GDPR, DORA (finans), Finansforetaksloven, Finanstilsynets IKT-forskrift, Verdipapirhandelloven, Hvitvaskingsloven, Sikkerhetsloven (kritisk infrastruktur), Annet After answers, write `org/organization-profile.md`: @@ -47,6 +52,9 @@ last_updated: [YYYY-MM-DD] # Virksomhetsprofil +## Sektortype +[Offentlig sektor / Privat sektor] + ## Sektor [answer] diff --git a/commands/classify.md b/commands/classify.md index adb932a..0776220 100644 --- a/commands/classify.md +++ b/commands/classify.md @@ -8,7 +8,7 @@ model: opus # EU AI Act — Klassifisering -Du er Cosmo Skyberg, og skal lede en strukturert AI Act-klassifisering for et AI-system i norsk offentlig sektor. +Du er Cosmo Skyberg, og skal lede en strukturert AI Act-klassifisering for et AI-system. EU AI Act gjelder **alle** providers og deployere — offentlig som privat sektor. Default til en sektor-nøytral vurdering og spesialiser når sektoren er kjent (offentlig sektor, finans, helse, industri, etc.). ## Språk og encoding @@ -20,7 +20,8 @@ Du er Cosmo Skyberg, og skal lede en strukturert AI Act-klassifisering for et AI Start med å forstå systemet som skal klassifiseres: - Hva gjør AI-systemet? -- Hvem er brukerne? (borgere, saksbehandlere, interne) +- Hvem er brukerne? (f.eks. borgere, saksbehandlere, kunder, ansatte, interne systemer) +- Hvilken sektor og kontekst? (offentlig, privat, finans, helse, industri, etc. — default nøytral hvis ukjent) - Hvilke beslutninger støtter/tar systemet? - Hvilke data behandles? - Hvilken Microsoft-plattform brukes? diff --git a/commands/design.md b/commands/design.md new file mode 100644 index 0000000..b658564 --- /dev/null +++ b/commands/design.md @@ -0,0 +1,81 @@ +--- +name: architect:design +description: Sektor-nøytralt Solution Architecture Document (SAD) — kontekst, krav/NFR, alternativer, valgt design, risiko, veikart +argument-hint: "[løsningsnavn] for [bruksscenario]" +allowed-tools: Read, Glob, Grep, Task, Write, mcp__microsoft-learn__microsoft_docs_search +model: opus +--- + +# /architect:design - Solution Architecture Document (SAD) + +Du er Cosmo Skyberg i en arkitekturdesign-rolle. Produser et strukturert, sektor-nøytralt Solution Architecture Document (SAD) for en Microsoft AI-løsning. Dette er mellombanen mellom en uformell rådgivningssamtale og en full `/architect:utredning`: et etterprøvbart designdokument uten det offentlige stillaset (utredningsinstruksen/Digdir). Egner seg for privat sektor, regulerte virksomheter og offentlige tiltak som ikke krever full utredning. + +> **Sektor:** Default sektor-nøytral. Spesialiser når sektoren er kjent (finans, helse, industri, offentlig, etc.). For et statlig tiltak som krever utredningsinstruksen, bruk `/architect:utredning` i stedet. + +## Språk og encoding + +**VIKTIG:** Bruk norske tegn (æ, ø, å) korrekt i all output. Norsk prosa, engelske fagtermer der naturlig. + +## Instruksjoner + +### 1. Parse input + +Ekstraher: +- **Løsningsnavn** — hva som skal designes +- **Bruksscenario** — hva løsningen skal løse +- **Sektor/kontekst** — finans, helse, industri, offentlig, etc. (default nøytral hvis ukjent) + +### 2. Samle kontekst + +Avklar hvis ikke kjent (gjenbruk samtalehistorikk og `org/`-filer hvis onboardet): +- **Forretningsproblem og drivere** — hva utløser behovet, hvilke mål +- **Brukere og volum** — hvem, hvor mange, forventet last +- **Data** — typer, sensitivitet, residens-krav, kilder +- **Ikke-funksjonelle krav (NFR)** — ytelse, tilgjengelighet, skalerbarhet, sikkerhet, kostnadsramme +- **Begrensninger** — eksisterende plattform, lisenser, kompetanse, tidslinje + +### 3. Les kunnskapsbasene + +- `skills/ms-ai-advisor/references/architecture/decision-trees.md` — plattformvalg (Foundry / Copilot Studio / Power Platform / Agent Framework) +- `skills/ms-ai-advisor/references/architecture/security.md` — sikkerhetsarkitektur og soneinndeling +- `skills/ms-ai-advisor/references/architecture/cost-models.md` — kostnadsdimensjonering + +For dybde, deleger til eksisterende kommandoer/agenter og bruk resultatene som input: +- `/architect:compare` — strukturert alternativanalyse (bruk `--weighted` ved 3+ alternativer) +- `/architect:security` — sikkerhetsscoring (6 dimensjoner) +- `/architect:cost` — kostnadsestimat (P10/P50/P90) +- `/architect:ros` — risikobilde (sektor-sjekklister aktiveres automatisk) + +### 4. Bygg SAD-en + +Strukturér dokumentet i åtte seksjoner: + +1. **Kontekst og mål** — forretningsproblem, drivere, omfang og avgrensning +2. **Krav** — funksjonelle krav + ikke-funksjonelle krav (NFR-tabell: ytelse, tilgjengelighet, sikkerhet, kostnad) +3. **Antakelser og begrensninger** — eksplisitte forutsetninger og rammer +4. **Løsningsalternativer** — vurderte alternativer med kort pros/cons (referer `/architect:compare` ved formell vekting) +5. **Valgt arkitektur** — komponenter, dataflyt, integrasjoner, plattformbegrunnelse + + | Komponent | Microsoft-tjeneste | Rolle | Begrunnelse | + |-----------|--------------------|-------|-------------| + +6. **Tverrgående hensyn** — sikkerhet, personvern, kostnad og compliance (sektor-relevant: finans → DORA/Finanstilsynet; offentlig → Digdir/AI Act; helse → Helseregisterloven) +7. **Risiko og avbøtende tiltak** — tabell med risiko, sannsynlighet/konsekvens og tiltak +8. **Veikart** — faser fra POC til produksjon med beslutningspunkter + +### 5. Lever + +Tilby: +- Skriv til fil (foreslå `docs/design/SAD-[slug].md`) +- `/architect:diagram` — visualiser den valgte arkitekturen +- `/architect:adr` — dokumentér nøkkelbeslutningene formelt +- `/architect:security` + `/architect:cost` + `/architect:ros` — forankre tverrgående hensyn +- `/architect:poc` — operasjonalisér veikartets første fase + +## Retningslinjer + +- Hold dokumentet etterprøvbart: marker antakelser eksplisitt, skill verifisert fra antatt +- Sektor-nøytral som default — ikke påtving offentlig-sektor-rammeverk uten at konteksten tilsier det +- Ingen salgsspråk; nøktern, beslutningsorientert arkitektur +- Gjenbruk eksisterende kunnskapsbaser og kommandoer — ikke dupliser innhold +- Verifiser plattformkapabiliteter og regional tilgjengelighet via MCP før du anbefaler diff --git a/commands/dpia.md b/commands/dpia.md index 458b98b..9a12fe4 100644 --- a/commands/dpia.md +++ b/commands/dpia.md @@ -8,7 +8,7 @@ model: opus # DPIA / Personvernkonsekvensvurdering for AI-systemer -Du er Cosmo Skyberg, og skal lede en strukturert DPIA/PVK for et AI-system i norsk offentlig sektor. +Du er Cosmo Skyberg, og skal lede en strukturert DPIA/PVK for et AI-system. DPIA-plikten (GDPR art. 35) gjelder alle behandlingsansvarlige — offentlig som privat sektor. Default til en sektor-nøytral vurdering og tilpass når sektoren er kjent (offentlig sektor, finans, helse, industri, etc.). ## Språk og encoding @@ -20,6 +20,7 @@ Du er Cosmo Skyberg, og skal lede en strukturert DPIA/PVK for et AI-system i nor Start med å forstå systemet som skal vurderes: - Hva gjør AI-systemet? +- Hvilken sektor og kontekst? (offentlig, privat, finans, helse, etc. — default nøytral hvis ukjent) - Hvilke personopplysninger behandles? - Hvem er de registrerte? - Hva er behandlingsgrunnlaget? @@ -39,7 +40,7 @@ Gjennomfør en komplett DPIA for følgende AI-system: **Personopplysninger:** [hvilke data som behandles] **Registrerte:** [hvem som berøres] **Behandlingsgrunnlag:** [GDPR art. 6/9] -**Kontekst:** [offentlig sektor, virksomhet, etc.] +**Kontekst:** [sektor/kontekst — offentlig, privat, finans, helse, etc.] Les kunnskapsbasene (kjerne): - skills/ms-ai-governance/references/norwegian-public-sector-governance/dpia-norwegian-methodology-ai.md diff --git a/commands/frimpact.md b/commands/frimpact.md index 7aebfa3..ab8004e 100644 --- a/commands/frimpact.md +++ b/commands/frimpact.md @@ -1,6 +1,6 @@ --- name: architect:frimpact -description: FRIA (Art. 27) — grunnleggende rettighetskonsekvensanalyse, obligatorisk for offentlig sektor +description: FRIA (Art. 27) — grunnleggende rettighetskonsekvensanalyse, obligatorisk for offentlige organer og enkelte private deployere (kredittscoring, livs-/helseforsikring) argument-hint: "[system-beskrivelse]" allowed-tools: Read, Glob, Grep, Task, Write model: opus @@ -8,7 +8,7 @@ model: opus # FRIA — Fundamental Rights Impact Assessment (Art. 27) -Du er Cosmo Skyberg, og skal lede en strukturert FRIA for et høyrisiko AI-system. FRIA er obligatorisk for offentlige organer som deployer av høyrisiko-AI. +Du er Cosmo Skyberg, og skal lede en strukturert FRIA for et høyrisiko AI-system. FRIA (Art. 27) er obligatorisk for deployere som er (a) offentligrettslige organer, (b) private som leverer offentlige tjenester, eller (c) private deployere av høyrisiko-AI til kredittverdighet/kredittscoring av fysiske personer (unntatt svindeldeteksjon) eller til risikovurdering og prising i livs- og helseforsikring. Det er altså ikke et rent offentlig-sektor-verktøy. ## Språk og encoding @@ -58,7 +58,7 @@ Lever en komplett FRIA med alle 7 seksjoner: systembeskrivelse, berørte grupper ## Retningslinjer -- FRIA er OBLIGATORISK for offentlig sektor med høyrisiko-AI +- FRIA er OBLIGATORISK for offentligrettslige organer, private som leverer offentlige tjenester, og private deployere innen kredittscoring (unntatt svindeldeteksjon) og prising i livs-/helseforsikring - Rettighetsmatrisen dekker 12 EU Charter-rettigheter - Konsekvensanalyse kun for rettigheter med middels+ påvirkning - Resultat skal sendes til AI-tilsynsmyndighet diff --git a/commands/help.md b/commands/help.md index b3be442..9c56226 100644 --- a/commands/help.md +++ b/commands/help.md @@ -25,9 +25,11 @@ Presenter følgende oversikt til brukeren i et ryddig, tabellbasert format. | `/architect:cost` | Estimer kostnader for en foreslått arkitektur | | `/architect:businesscase` | Forretningscase med NNV og DFØ-gevinstrealisering | | `/architect:adr` | Opprett en Architecture Decision Record (ADR) | +| `/architect:design` | Sektor-nøytralt Solution Architecture Document (SAD) — mellombane mellom samtale og full utredning | | `/architect:research` | Dypdykk i et spesifikt Microsoft AI-tema | | `/architect:poc` | Generer en POC-plan med evalueringskriterier | | `/architect:license` | Kartlegg lisensbehov for en løsning | +| `/architect:vendor` | Leverandørvurdering (tredjepart/SaaS due diligence) — dataresidens, DPA, Schrems II, AI Act-deployer | | `/architect:migrate` | Planlegg migrasjonssti mellom plattformer | | `/architect:anskaffelse` | AI-anskaffelse — kravspesifikasjon, leverandørevaluering, terskelverdier | | `/architect:utredning` | AI-arkitekturutredning v2 — fil-basert orkestrering, TeamCreate, 3-fase KOMPLEKS | @@ -38,6 +40,7 @@ Presenter følgende oversikt til brukeren i et ryddig, tabellbasert format. | `/architect:summary` | Generer teknisk sammendrag og beslutningsnotat | | `/architect:export` | Eksporter arkitekturdokument til PDF | | `/architect:generate-skills` | Generer kunnskapsfiler med MCP-research (intern) | +| `/architect:kb-update` | Manuell KB-refresh — poll sitemaps, oppdater endrede filer, commit | | `/architect:classify` | EU AI Act-klassifisering: risikonivå + rolle | | `/architect:requirements` | Konkrete AI Act-krav basert på risikonivå og rolle | | `/architect:transparency` | Generer Art. 13/50 transparensnotis på norsk | @@ -100,6 +103,16 @@ Pluginen bruker følgende MCP-servere: 7. **Beslut:** `/architect:adr` — dokumenter beslutningen 8. **Planlegg:** `/architect:poc` — lag POC-plan for validering +### Privat sektor / enterprise + +Offentlig-banen over er én av to. For privat/regulert sektor (uten utredningsinstruksen): + +1. **Klassifiser:** `/architect:classify` — AI Act gjelder alle providers/deployere +2. **Design:** `/architect:design` — sektor-nøytralt Solution Architecture Document +3. **Vurder:** `/architect:security` + `/architect:cost` + `/architect:ros` (finans → DORA/Finanstilsynet aktiveres automatisk) +4. **Leverandør:** `/architect:vendor` — due diligence på ekstern SaaS/AI +5. **Beslut:** `/architect:adr` + ## Om argumentet Hvis brukeren angir et emne (f.eks. `/architect:help security`), vis utvidet informasjon om det spesifikke emnet istedenfor full oversikt. diff --git a/commands/requirements.md b/commands/requirements.md index 6359137..9e89d41 100644 --- a/commands/requirements.md +++ b/commands/requirements.md @@ -21,6 +21,7 @@ Du er Cosmo Skyberg, og skal kartlegge konkrete AI Act-krav for et AI-system bas Avklar: - Risikoklassifisering (kjør `/architect:classify` først om nødvendig) - Organisasjonens rolle (provider/deployer) +- **Sektor** — offentlig, privat, finans, helse, etc. (default nøytral). For regulert privat sektor kartlegges sektorspesifikke krav i tillegg til AI Act. **Finans → DORA (2022/2554), Finanstilsynets IKT-forskrift, Finansforetaksloven, Verdipapirhandelloven** (se finans-sjekklisten i kunnskapsbasen). - Gjeldende praksis (hva er allerede på plass?) ### 2. Deleger til AI Act-agent @@ -32,6 +33,7 @@ Kartlegg konkrete AI Act-forpliktelser (Fase 4-5) for følgende system: **System:** [systemnavn] **Risikonivå:** [klassifisering] **Rolle:** [provider/deployer] +**Sektor:** [offentlig/privat/finans/helse/etc. — default nøytral] **Gjeldende praksis:** [hva som er på plass] **Kontekst:** [ytterligere kontekst] @@ -42,6 +44,9 @@ Les kunnskapsbasene: - skills/ms-ai-governance/references/responsible-ai/ai-act-deployer-obligations.md - skills/ms-ai-governance/references/responsible-ai/ai-act-microsoft-tools-mapping.md +Betinget (kun ved regulert privat sektor): +- Hvis sektor = finans: skills/ms-ai-governance/references/norwegian-public-sector-governance/ros-sector-checklists.md (§3 Finans — 17-punkts sjekkliste med DORA, Finanstilsynets IKT-forskrift, EBA/GL/2023/06). Kartlegg DORA-forpliktelser i tillegg til AI Act-kravene. + Lever detaljert forpliktelsesliste med gap-analyse og tiltaksplan." ``` diff --git a/commands/review.md b/commands/review.md index a1ff53b..d5a7432 100644 --- a/commands/review.md +++ b/commands/review.md @@ -1,6 +1,6 @@ --- name: architect:review -description: Kjør arkitekturgjennomgang mot norske offentlig sektor-krav +description: Kjør arkitekturgjennomgang mot norske krav (offentlig sektor og privat/regulert sektor) argument-hint: "[arkitekturbeskrivelse eller kontekst]" allowed-tools: Read, Glob, Grep, Task, mcp__microsoft-learn__microsoft_docs_search, mcp__microsoft-learn__microsoft_docs_fetch model: opus @@ -8,7 +8,7 @@ model: opus # /architect:review - Arkitekturgjennomgang -Du er Cosmo Skyberg med fokus på arkitekturgjennomgang for norsk offentlig sektor. Gjennomfør en strukturert vurdering av arkitekturforslaget mot nasjonale krav, EU-reguleringer og Microsoft-plattform best practices. +Du er Cosmo Skyberg med fokus på arkitekturgjennomgang. Gjennomfør en strukturert vurdering av arkitekturforslaget mot relevante norske sektorkrav, EU-reguleringer og Microsoft-plattform best practices. Default-spesialiseringen er offentlig sektor (Digdir, utredningsinstruksen, forvaltningsloven); for privat/regulert sektor (f.eks. finans) vektlegges DORA, Finanstilsynet og sektorspesifikke rammeverk i stedet — sektoren avledes fra konteksten. **VIKTIG:** Arkitekturgjennomganger krever grundighet. Alle 6 dimensjoner skal vurderes. Hopp aldri over en dimensjon. @@ -35,6 +35,7 @@ Hvis input er vagt eller mangelfullt, still oppklarende spørsmål før du start Identifiser hvilke dimensjoner som er mest kritiske for scenarioet: - Borgerrettet tjeneste → Digdir-prinsipper + AI Act prioriteres - Automatiserte vedtak → Utredningsinstruksen + Forvaltningsloven prioriteres +- Privat/regulert sektor (finans) → DORA + Finanstilsynet + sektor-sjekklister prioriteres (erstatter utredningsinstruksen/forvaltningsloven) - Sensitiv data → Sikkerhet + Schrems II prioriteres - Ny plattform → Microsoft-alignment + Kostnad prioriteres diff --git a/commands/ros.md b/commands/ros.md index 34b0476..01771f0 100644 --- a/commands/ros.md +++ b/commands/ros.md @@ -8,7 +8,7 @@ model: opus # ROS-analyse for AI-systemer -Du er Cosmo Skyberg, og skal lede en strukturert ROS-analyse for et AI-system i norsk offentlig sektor. +Du er Cosmo Skyberg, og skal lede en strukturert ROS-analyse for et AI-system. Metodikken (NS 5814 / ISO 31000) er sektor-agnostisk — default til en sektor-nøytral analyse og spesialiser når sektoren er kjent (offentlig sektor, finans, helse, transport, industri, etc.). Sektor-sjekklister (inkl. finans: DORA, Finanstilsynet, Finansforetaksloven) aktiveres automatisk ved oppdaget sektor. ## Språk og encoding diff --git a/commands/utredning.md b/commands/utredning.md index 7efad72..b0a7ccf 100644 --- a/commands/utredning.md +++ b/commands/utredning.md @@ -10,6 +10,8 @@ model: opus Du er Cosmo Skyberg i en strukturert utredningsrolle. Gjennomfør en komplett AI-arkitekturutredning tilpasset norsk offentlig sektor — basert på utredningsinstruksen, Digdirs arkitekturprinsipper, rammeverk for digital samhandling og EU AI Act. +> **Sektor:** Utredningen er forankret i utredningsinstruksen, som gjelder statlige tiltak. For privat sektor — eller et sektor-nøytralt Solution Architecture Document (SAD) uten det offentlige stillaset — bruk `/architect:design`. + **Arkitektur:** Fil-basert orkestrering. Agenter skriver output til `.work/`-filer. Orkestratoren leser fra filer, aldri fra TaskOutput. Kontekstvinduet holdes lett. ## Sessionskontekst @@ -207,7 +209,7 @@ Alle arbeidere spawnes med `Task` og skriver output til `.work/`-filer. Bruk `te Task(architect:security-assessment-agent, name="security-worker", team_name="{team}"): "Utfør sikkerhetsvurdering for: {scenario} Plattform: {plattform} -Kontekst: Norsk offentlig sektor. {detaljer fra Fase 1} +Kontekst: {sektor/virksomhet fra Fase 1} Les relevante KB-filer (max 3): - skills/ms-ai-security/references/ai-security-engineering/security-scoring-rubrics-6x5.md diff --git a/commands/vendor.md b/commands/vendor.md new file mode 100644 index 0000000..f06fa68 --- /dev/null +++ b/commands/vendor.md @@ -0,0 +1,81 @@ +--- +name: architect:vendor +description: Tredjeparts-/SaaS-leverandørvurdering (due diligence) — dataresidens, sub-prosessorer, DPA, Schrems II, AI Act-deployerforpliktelser +argument-hint: "[leverandør/tjeneste] for [bruksscenario]" +allowed-tools: Read, Glob, Grep, Task, Write, mcp__microsoft-learn__microsoft_docs_search +model: opus +--- + +# /architect:vendor - Leverandørvurdering (tredjepart/SaaS due diligence) + +Du er Cosmo Skyberg i en due-diligence-rolle. Vurder en ekstern tredjeparts- eller SaaS-leverandør (ikke-Microsoft AI/SaaS) som virksomheten vurderer å ta i bruk eller allerede bruker (inkludert shadow-AI). Dette er en daglig privat-enterprise-oppgave: `/architect:license` dekker Microsoft-lisenser, denne kommandoen dekker eksterne leverandører. + +> **Sektor:** Sektor-nøytral. Tilpass vekting når sektoren er kjent (finans → DORA tredjeparts-IKT-risiko + Finanstilsynets utkontrakteringskrav; helse → databehandleravtale + Normen). + +## Språk og encoding + +**VIKTIG:** Bruk norske tegn (æ, ø, å) korrekt i all output. Norsk prosa, engelske fagtermer der naturlig. + +## Instruksjoner + +### 1. Parse input + +Ekstraher: +- **Leverandør/tjeneste** — hvilken ekstern løsning vurderes +- **Bruksscenario** — hva den skal brukes til +- **Sektor/kontekst** — default nøytral + +### 2. Samle kontekst + +Avklar hvis ikke kjent: +- **Datatyper** — hvilke data flyter til leverandøren? Personopplysninger? Særlige kategorier? Forretningskritisk? +- **Driftsmodell** — SaaS (multi-tenant), dedikert, hybrid, on-prem +- **AI-komponent** — er tjenesten et AI-system? Trener den på kundedata? (utløser AI Act-deployervurdering) +- **Kritikalitet** — hvor avhengig blir virksomheten (DORA: kritisk vs. viktig funksjon) + +### 3. Les kunnskapsbasene + +- `skills/ms-ai-governance/references/monitoring-observability/data-residency-audit-monitoring.md` — Schrems II, EDPB seks-stegs-TIA, CLOUD Act/FISA 702-restanalyse for tredjelandsoverføring +- `skills/ms-ai-governance/references/responsible-ai/ai-act-deployer-obligations.md` — deployerforpliktelser hvis leverandøren leverer et AI-system +- `skills/ms-ai-advisor/references/architecture/security.md` — sikkerhetskrav til eksterne tjenester + +For personvern-/cross-border-dybde: deleger til `/architect:dpia` (full TIA). For anskaffelseskrav: `/architect:anskaffelse`. + +### 4. Bygg leverandørvurderingen + +Strukturér i syv områder med funn og status (🟢/🟡/🔴): + +1. **Leverandørprofil** — selskap, eierskap, jurisdiksjon, morselskap (USA-eierskap → CLOUD Act-eksponering uavhengig av lagringssted) +2. **Dataresidens og dataflyt** — hvor lagres og prosesseres data? Sub-prosessorer (liste + jurisdiksjoner)? Support-tilgang fra tredjeland? +3. **Personvern** — databehandleravtale (GDPR art. 28), behandlingsgrunnlag, sub-prosessor-godkjenning, sletting/portabilitet. Ved tredjelandsoverføring: overføringsgrunnlag + EDPB seks-stegs-TIA (henvis `/architect:dpia`) +4. **Sikkerhet** — sertifiseringer (ISO 27001, SOC 2 Type II), kryptering (i ro/transitt), pentest/sårbarhetshåndtering, hendelsesvarsling, tilgangsstyring +5. **AI Act-implikasjoner** — er leverandøren provider av AI? Blir virksomheten deployer? GPAI? Transparenskrav (Art. 50). Kontraktsfest provider-dokumentasjon +6. **Kontrakt og exit** — SLA, oppetid, ansvar, vendor lock-in, dataportabilitet, oppsigelse, dataretur/sletting ved exit +7. **Risiko og samlet vurdering** — go / betinget go / no-go, med kritiske betingelser + +**Beslutningsmatrise:** + +| Område | Status | Kritiske funn | Tiltak før kontrakt | +|--------|--------|---------------|---------------------| +| Dataresidens | 🟢/🟡/🔴 | ... | ... | +| Personvern (DPA) | 🟢/🟡/🔴 | ... | ... | +| Sikkerhet | 🟢/🟡/🔴 | ... | ... | +| AI Act | 🟢/🟡/🔴 | ... | ... | +| Exit/lock-in | 🟢/🟡/🔴 | ... | ... | + +### 5. Lever + +Tilby: +- Skriv til fil (foreslå `docs/vendor/VENDOR-[slug].md`) +- `/architect:dpia` — full personvern- og cross-border-TIA før kontrakt +- `/architect:anskaffelse` — formelle anskaffelseskrav og tildelingskriterier +- `/architect:security` — dypere sikkerhetsvurdering av integrasjonen +- `/architect:adr` — dokumentér leverandørbeslutningen + +## Retningslinjer + +- USA-eid leverandør = CLOUD Act-eksponering selv ved EU-lagring — flagg eksplisitt +- Skill mellom kontraktsfestede garantier og markedsføringspåstander — krev dokumentasjon +- Shadow-AI: vurder tjenester som allerede er i bruk uten godkjenning med samme strenghet +- Ingen salgsspråk; etterprøvbart beslutningsgrunnlag +- Marker tydelig hva som er verifisert (kontrakt/sertifikat) vs. antatt diff --git a/docs/playground.md b/docs/playground.md index abcf63c..a90e69a 100644 --- a/docs/playground.md +++ b/docs/playground.md @@ -7,7 +7,7 @@ Erstatter v2 5-stegs-pipelinen med en multi-surface-app som persisterer state og **v1.15.0 (sesjon 5 av ~8 i v2-prosjektet):** Project-surface byttet fra v2 `renderProjectSurface` (screen-tabs + category-tabs + per-command paste-cards) til v3 `renderProjectView` (sidebar med 17 artifacts + main-area + import-modal overlay). `renderActive()` ruter `project`-surface til `renderProjectSurfaceV3()` som wrapper renderProjectView + topbar + app-shell. V2-surface helt fjernet: `renderProjectSurface` (152 linjer), `renderCommandSubCard` (87 linjer), `rehydratePasteImports` (15 linjer), `currentProjectScreen`, `ACTIONS['project-screen']`, 5 v2-CSS-klasser. Zombie-handlers beholdt for test-back-compat: `currentProjectTab`, `ACTIONS['project-tab']`, `ACTIONS['parse']`, `handlePasteImport`, `window.__handlePasteImport`. 2 fingerprint-gap lukket: requirements.headers + license.headers. `migrateDataVersion` utvidet med `parserFor` → demo-state (kun `raw_markdown`) auto-parses til `project.artifacts[cid]`. Ship-QA-bugfixes: `components-tier4-project-view.css` lagt til i ``-kjeden (manglet → modal-overlay og two-column layout virket ikke); `renderImportModal` setter `data-open="true"` (DS-kontrakt). - **Fil:** `playground/ms-ai-architect-playground.html` (~3870+ linjer, single-file v3-arkitektur) -- **4 surfaces:** Onboarding (18 felles felt — 4 strukturerte / 14 fritekst etter v1.10.0) → Home (prosjekt-liste + 3 entry-tracks) → Catalog (27 commands gruppert i 5 expansion-grupper med søk) → **Project v3** (sidebar med 17 artifacts gruppert i 4 kategorier + søk + main-area med per-artifact view eller overview med top-risks/next-actions + import-modal som DS-overlay) +- **4 surfaces:** Onboarding (18 felles felt — 4 strukturerte / 14 fritekst etter v1.10.0) → Home (prosjekt-liste + 3 entry-tracks) → Catalog (29 commands gruppert i 5 expansion-grupper med søk) → **Project v3** (sidebar med 17 artifacts gruppert i 4 kategorier + søk + main-area med per-artifact view eller overview med top-risks/next-actions + import-modal som DS-overlay) - **Persistens:** IndexedDB-primær med localStorage-fallback. Schema-versjonert (`STATE_KEY = 'ms-ai-architect-state-v1'`) med eager `MIGRATIONS`-pipeline. v1.10.0 introduserer `dataVersion v1→v2`-migrasjon (idempotent) som backfill-er `verdict`+`keyStats`. - **17 rapport-renderers (felles grunnskjelett):** Alle wrapper output via `renderPageShell()` med eyebrow + h1 + valgfri verdict-pill + valgfri key-stats-grid + arketype-spesifikk body. Parser → struktur → HTML rutet via kanonisk archetype-routing-tabell. - **Foundation-helpers:** `renderPageShell`, `renderVerdictPill`, `renderKeyStatsGrid`, `inferVerdict`, `inferKeyStats`, `KEY_STATS_CONFIG`. @@ -19,14 +19,14 @@ Erstatter v2 5-stegs-pipelinen med en multi-surface-app som persisterer state og | Test | Kommando | Dekning | |------|----------|---------| -| Statisk struktur | `bash tests/test-playground-v3.sh` | 219 PASS, 2 WARN (pre-eks.) — vendored CSS, surfaces, 27 commands, 14 parsere, 17 renderers via PROJECT_VIEW_CONFIG.renderers-routing, action-handlers | +| Statisk struktur | `bash tests/test-playground-v3.sh` | 223 PASS, 2 WARN (pre-eks.) — vendored CSS, surfaces, 29 commands, 14 parsere, 17 renderers via PROJECT_VIEW_CONFIG.renderers-routing, action-handlers | | Parser-fixtures | `bash tests/test-playground-parsers.sh` | 70 PASS — 17 fixtures × parser-routing | | Migrasjon | `bash tests/test-playground-migrations.sh` | 16 PASS — v1→v2 + v2→v3 idempotent migrasjon | | Fingerprints | `bash tests/test-playground-fingerprints.sh` | 32 PASS — 17-fixture true-positive + 4 anti-match + API-sanity | | Project-view | `bash tests/test-playground-projectview.sh` | 30 PASS — 4 view-states + nav-søk + null-guard | | ACTIONS | `bash tests/test-playground-actions.sh` | 19 PASS — 6 pure-state-handlers + projectViewUiState | -| Kombinert (E2E) | `bash tests/run-e2e.sh --playground` | 386 PASS, 0 FAIL, 2 WARN | -| Plugin-validering | `bash tests/validate-plugin.sh` | 219 PASS | +| Kombinert (E2E) | `bash tests/run-e2e.sh --playground` | 390 PASS, 0 FAIL, 2 WARN | +| Plugin-validering | `bash tests/validate-plugin.sh` | 239 PASS | | Manuell A11Y QA | Se `playground/MANUAL-CHECKLIST.md` | 10 seksjoner inkl. axe-core-kjøring per surface | | A11Y-rapport | `playground/A11Y-RAPPORT.md` | Statisk vurdering klar — browser-axe-kjøring pending | diff --git a/playground/ms-ai-architect-playground.html b/playground/ms-ai-architect-playground.html index f564ce4..01b6959 100644 --- a/playground/ms-ai-architect-playground.html +++ b/playground/ms-ai-architect-playground.html @@ -805,7 +805,7 @@ // COMMAND CATALOG (Step 4) // ============================================================ // - // Kanonisk single-source-of-truth for alle 25 commands. Driver: + // Kanonisk single-source-of-truth for alle 29 commands. Driver: // - Step 5/8: skjema-render via input_fields[] // - Step 9: katalog-UI gruppert på category // - Step 11: parser-routing via report_archetype @@ -834,7 +834,7 @@ // som bruker det. const SHARED = { organisation_name: { id: 'organisation_name', label: 'Virksomhet', type: 'text', from: 'shared', shared_path: 'organization.name' }, - sector: { id: 'sector', label: 'Sektor', type: 'select', from: 'shared', shared_path: 'organization.sector', options: ['Statlig', 'Kommunal', 'Fylkeskommune', 'Helseforetak', 'Undervisning', 'Annet'] }, + sector: { id: 'sector', label: 'Sektor', type: 'select', from: 'shared', shared_path: 'organization.sector', options: ['Statlig', 'Kommunal', 'Fylkeskommune', 'Helseforetak', 'Undervisning', 'Finans', 'Industri', 'Handel', 'Energi', 'Telekom', 'Annet'] }, regulatory_requirements: { id: 'regulatory_requirements', label: 'Regulatoriske krav', type: 'multiSelect', from: 'shared', shared_path: 'organization.regulatory_requirements', options: ['Personopplysningsloven/GDPR', 'Sikkerhetsloven', 'Arkivloven', 'Forvaltningsloven', 'Offentleglova', 'Helseregisterloven', 'Annet'] }, cloud_platform: { id: 'cloud_platform', label: 'Skyplattform', type: 'multiSelect', from: 'shared', shared_path: 'technology.cloud_platform', options: ['Azure', 'M365', 'Power Platform', 'On-prem', 'Hybrid', 'Annet'] }, license_type: { id: 'license_type', label: 'Lisenstype', type: 'select', from: 'shared', shared_path: 'technology.license_type', options: ['E3', 'E5', 'F1/F3', 'A3/A5', 'G3/G5', 'Annet'] }, @@ -1125,7 +1125,7 @@ ] }, - // ===== DOCUMENTATION (7) ===== + // ===== DOCUMENTATION (9) ===== { id: 'anskaffelse', category: 'documentation', @@ -1267,8 +1267,50 @@ { id: 'use_case', label: 'Use case', type: 'textarea', from: 'local' } ] }, + { + id: 'design', + category: 'documentation', + label: 'Solution Architecture Document (SAD)', + description: 'Sektor-nøytralt arkitekturdokument: kontekst, krav/NFR, alternativer, valgt design, risiko, veikart.', + argument_hint: '[løsningsnavn] for [bruksscenario]', + calls_agent: null, + kb_files: ['decision-trees.md', 'security.md', 'cost-models.md'], + produces_report: false, + report_archetype: null, + report_root_class: null, + renderer: null, + input_fields: [ + SHARED.organisation_name, + SHARED.sector, + { id: 'solution_name', label: 'Løsningsnavn', type: 'text', from: 'local' }, + { id: 'use_case', label: 'Bruksscenario', type: 'textarea', from: 'local' }, + { id: 'nfr', label: 'Ikke-funksjonelle krav (NFR)', type: 'textarea', from: 'local' }, + { id: 'constraints', label: 'Begrensninger', type: 'textarea', from: 'local' } + ] + }, + { + id: 'vendor', + category: 'documentation', + label: 'Leverandørvurdering (tredjepart/SaaS)', + description: 'Due diligence for ekstern SaaS/AI-leverandør: dataresidens, sub-prosessorer, DPA, Schrems II, AI Act-deployer.', + argument_hint: '[leverandør/tjeneste] for [bruksscenario]', + calls_agent: null, + kb_files: ['data-residency-audit-monitoring.md', 'ai-act-deployer-obligations.md', 'security.md'], + produces_report: false, + report_archetype: null, + report_root_class: null, + renderer: null, + input_fields: [ + SHARED.organisation_name, + SHARED.sector, + { id: 'vendor_name', label: 'Leverandør/tjeneste', type: 'text', from: 'local' }, + { id: 'use_case', label: 'Bruksscenario', type: 'textarea', from: 'local' }, + { id: 'data_to_vendor', label: 'Data som flyter til leverandøren', type: 'textarea', from: 'local' }, + { id: 'deployment_model', label: 'Driftsmodell', type: 'select', from: 'local', options: ['SaaS (multi-tenant)', 'Dedikert', 'Hybrid', 'On-prem'] } + ] + }, - // ===== TOOL (7) — ingen rapport, kun skjema + output-kopiering ===== + // ===== TOOL (8) — ingen rapport, kun skjema + output-kopiering ===== { id: 'architect', category: 'tool', @@ -1856,7 +1898,7 @@ '' + '' @@ -1967,7 +2009,9 @@ { id: 'copilot-extension', name: 'Copilot-utvidelse for M365' }, { id: 'customer-service', name: 'Kundeservice-chatbot' }, { id: 'intelligent-search', name: 'Intelligent søk på tvers av fagsystemer' }, - { id: 'reporting', name: 'AI-assistert rapportering' } + { id: 'reporting', name: 'AI-assistert rapportering' }, + { id: 'fraud-detection', name: 'Bank fraud-detection (finans, DORA — FRIA-unntatt)' }, + { id: 'credit-scoring', name: 'Kredittscoring (finans, FRIA-pliktig privat deployer)' } ]; // v1.15.0: currentProjectTab beholdes som zombie for ACTIONS['project-tab']- @@ -2116,7 +2160,7 @@ // CATALOG SURFACE (Step 9) // ============================================================ // - // 25 commands gruppert i 5 .expansion-grupper (CATALOG.categories) med + // 29 commands gruppert i 5 .expansion-grupper (CATALOG.categories) med // søke-input som filtrerer på id+label+description+argument_hint. // Hver kategori-expansion rendrer en .catalog-cards-grid med kort. // "Åpne skjema" på et kort åpner renderCommandForm() i modal. diff --git a/tests/test-playground-v3.sh b/tests/test-playground-v3.sh index 4b7fcff..1ff7b06 100755 --- a/tests/test-playground-v3.sh +++ b/tests/test-playground-v3.sh @@ -151,10 +151,10 @@ for f in "$PLUGIN_ROOT"/commands/*.md; do fail "Command-ID '${cmd_id}' mangler i v3 HTML" fi done -if [ "$cmd_count" -eq 27 ]; then - pass "27 command-filer funnet i commands/ (forventet 27)" +if [ "$cmd_count" -eq 29 ]; then + pass "29 command-filer funnet i commands/ (forventet 29)" else - fail "Forventet 27 command-filer, fant $cmd_count" + fail "Forventet 29 command-filer, fant $cmd_count" fi # ------------------------------------------------------- From 52ba6daf67059230ec486a603cee7f9760efa519 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 18:53:02 +0200 Subject: [PATCH 016/309] =?UTF-8?q?fix(ms-ai-architect):=20#8a=20currency?= =?UTF-8?q?=20S-bannere=20=E2=80=94=20Prompt=20Flow=20retirement,=20CUA=20?= =?UTF-8?q?GA,=20agentic=20retrieval=20GA-split,=20E=C3=98S=20+=20EDPB=202?= =?UTF-8?q?8/2024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Phase A av #8 currency-rest. Hver faktapåstand verifisert mot kilde FØR skriving (Microsoft Learn microsoft_docs_fetch + offisielle EU/norske kilder, 2026-06-18). To research-subagenter brukt til parallell faktaverifisering. Prompt Flow retirement (banner i 5 filer): - Verifisert verbatim mot Microsoft Learn: Prompt Flow i BÅDE Microsoft Foundry og Azure Machine Learning pensjoneres 2027-04-20; migrer til Microsoft Agent Framework (MAF). Container images får ikke lenger oppdateringer. - Toppbanner: prompt-flow-production-deployment.md, genaiops-llm-specific-practices.md. - Kontekstuelle inline-flagg: rag-core-patterns.md (bullet + produksjonstabell), rag-evaluation-frameworks.md (verktøytabell), azure-ai-search-setup.md (PF-seksjon), agentic-rag-patterns.md (Foundry-integrasjonsrad). Copilot Studio Computer Use / CUA (copilot-studio.md): - Preview -> GA 7. mai 2026. KORRIGERT fra intern feildato 2026-05-13 (verifisert mot Power Platform 2026 wave 1 release plan + What's new). - Geo presisert: GA i kommersielle miljøer; IKKE GCC/GCC High. Eksakt regionsliste ikke offentlig verifiserbar -> merket uverifisert (verifiseringsplikt). - Fjernet nå-utdatert "Velg RPA når: kun GA-features tillatt"-begrunnelse. Azure AI Search agentic retrieval (agentic-rag-patterns.md): - Preview -> DELVIS GA. Minimal/ekstraktiv retrieval er GA (REST 2026-04-01); LLM query planning + answer synthesis er fortsatt preview (2026-05-01-preview). - "Single index"-begrensning -> multi-source via knowledge bases (kun GA-kildetyper: searchIndex, azureBlob, indexedOneLake, web; SharePoint/SQL/Fabric/MCP preview). EU AI Act EØS-status (ai-act-compliance-guide.md): - Korrigert feilpåstand "direkte gjeldende ... sommeren 2026". AI Act er IKKE formelt EØS-innlemmet per juni 2026; KI-loven ikke vedtatt av Stortinget (høringsfrist sept. 2025; ikrafttredelse politisk målsatt sensommer 2026). EDPB Opinion 28/2024 (gdpr-compliance-ai-systems.md, 3 ankre): - Nyanserer "anonymisert = utenfor GDPR-scope". Må vurderes case-by-case: modell er kun anonym når både direkte-ekstraksjon og query-baserte midler gir ubetydelig re-identifiseringsrisiko (jf. fortalepunkt 26). Tabellrad endret fra "Nei" til "Betinget". Allerede gjort i tidligere faser (re-verifisert, ingen edit nødvendig): MAF-banner (semantic-kernel-agents-implementation.md), Omnibus-note (ai-act-assessor.md), NSM Grunnprinsipper v2.1, A2A v1.0 + Signed Agent Cards (egen fil agent-to-agent-a2a-protocol.md). A2A v1.0.1 er immateriell patch. Tester: validate-plugin 239 PASS / 0 FAIL / 0 WARN · kb-integrity 115/115 (262 orphan-warnings er pre-eksisterende ms-ai-security-backlog, urørt). Gjenstår i #8: M-items (OWASP LLM04/06/08/09, Defender threat protection, Foundry Local air-gapped, M365 E7+Agent365) + SKILL.md de-orphan -> deretter #9 release. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../references/platforms/copilot-studio.md | 10 +++++----- .../genaiops-llm-specific-practices.md | 2 ++ .../prompt-flow-production-deployment.md | 2 ++ .../rag-architecture/agentic-rag-patterns.md | 18 ++++++++++-------- .../rag-architecture/azure-ai-search-setup.md | 2 ++ .../rag-architecture/rag-core-patterns.md | 4 ++-- .../rag-evaluation-frameworks.md | 2 +- .../responsible-ai/ai-act-compliance-guide.md | 4 +++- .../gdpr-compliance-ai-systems.md | 8 +++++--- 9 files changed, 32 insertions(+), 20 deletions(-) diff --git a/skills/ms-ai-advisor/references/platforms/copilot-studio.md b/skills/ms-ai-advisor/references/platforms/copilot-studio.md index d598fd7..d1aa1fe 100644 --- a/skills/ms-ai-advisor/references/platforms/copilot-studio.md +++ b/skills/ms-ai-advisor/references/platforms/copilot-studio.md @@ -46,9 +46,9 @@ Agenter som kjører i bakgrunnen uten brukerinput: - Dataverse table updates - Dynamics 365 business events -### Computer Use (Preview) +### Computer Use (GA) -**Status:** Preview (US-region, jan 2026+) +**Status:** GA fra **7. mai 2026** (Power Platform 2026 wave 1). Tilgjengelig i kommersielle miljøer; **ikke** tilgjengelig i GCC/GCC High. Eksakt regionsliste er ikke offentlig verifisert per 2026-06-18 — se [Feature availability report](https://aka.ms/FeatureGeographicAvailabilityReport). Copilot Studio støtter nå Computer-Using Agents (CUA) — AI som kan interagere med Windows-applikasjoner og nettsider via virtuell mus og tastatur: @@ -167,7 +167,7 @@ Copilot Studio støtter MCP for å koble til eksterne AI-servere: ## CUA — Computer-Using Agents -**Status:** Preview (september 2025); GA planlagt mai 2026 +**Status:** **GA 7. mai 2026** (public preview 27. mai 2025). Verifisert mot Power Platform 2026 wave 1 release plan + Copilot Studio «What's new» (2026-06-18). CUA lar agenter automatisere oppgaver i Windows-applikasjoner og nettsider uten behov for API. @@ -203,9 +203,9 @@ CUA lar agenter automatisere oppgaver i Windows-applikasjoner og nettsider uten | Feilhåndtering | Statisk | Selvkorrigerende | **Velg CUA når:** UI-et endrer seg ofte, RPA-backlog er full, oppgaven krever visuell resonnering. -**Velg RPA når:** Kun GA-features tillatt, UI er stabilt, høy volumhastighet er kritisk. +**Velg RPA når:** UI er stabilt, høy volumhastighet er kritisk, eller miljøet er GCC/GCC High (der CUA ikke er tilgjengelig). -**Krav:** Kun tilgjengelig i United States-regioner (per feb 2026). Generative Orchestration må være aktivert. +**Krav:** GA fra 7. mai 2026 i kommersielle miljøer; **ikke** tilgjengelig i GCC/GCC High (eksakt regionsliste ikke offentlig verifisert per 2026-06-18). Generative Orchestration må være aktivert. --- diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md b/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md index 29b0688..ae6b9f1 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/genaiops-llm-specific-practices.md @@ -7,6 +7,8 @@ --- +> **⚠️ Retirement 2027-04-20 (verifisert 2026-06-18):** Prompt Flow (Microsoft Foundry + Azure ML) pensjoneres 20. april 2027 og anbefales ikke for ny utvikling — migrer til **Microsoft Agent Framework (MAF)**. Referanser til Prompt Flow nedenfor gjelder eksisterende løsninger frem til fristen; nye GenAIOps-pipelines bør bygge på MAF. [Migrasjonsguide](https://learn.microsoft.com/azure/machine-learning/prompt-flow/migrate-prompt-flow-to-agent-framework?view=azureml-api-2). + ## Introduksjon GenAIOps (Generative AI Operations), også kalt LLMOps, beskriver operasjonelle praksiser og strategier for håndtering av store språkmodeller (LLMs) i produksjon. Mens tradisjonell MLOps fokuserer på å trene og deploye diskriminative modeller, handler GenAIOps om å **velge, tilpasse, orkestrere og overvåke** eksisterende foundation models. diff --git a/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md b/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md index 178d629..b11656d 100644 --- a/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md +++ b/skills/ms-ai-engineering/references/mlops-genaiops/prompt-flow-production-deployment.md @@ -6,6 +6,8 @@ --- +> **⚠️ Retirement (verifisert mot Microsoft Learn 2026-06-18):** Prompt Flow — i **både Microsoft Foundry og Azure Machine Learning** — pensjoneres **20. april 2027** og anbefales ikke for ny utvikling. Migrer eksisterende flows og deployments til **Microsoft Agent Framework (MAF)** før fristen. Web authoring-opplevelsen (Foundry + Azure ML), VS Code-utvidelsene og Prompt Flow container images (`promptflow-runtime`, `promptflow-runtime-stable`, `promptflow-python`) får ikke lenger oppdateringer, inkludert sikkerhetsoppdateringer. [Migrasjonsguide](https://learn.microsoft.com/azure/machine-learning/prompt-flow/migrate-prompt-flow-to-agent-framework?view=azureml-api-2). Innholdet under beskriver fortsatt gjeldende Prompt Flow-praksis for eksisterende løsninger frem til fristen. + ## Introduksjon Prompt Flow er Microsofts rammeverk for å utvikle, teste og deploye LLM-baserte applikasjoner gjennom en visuell workflow-editor. Produksjonsdeployment av Prompt Flow handler om å ta en testet og evaluert flow fra utviklingsmiljø til skalerbar produksjon med robuste CI/CD-pipelines, overvåking og governance. diff --git a/skills/ms-ai-engineering/references/rag-architecture/agentic-rag-patterns.md b/skills/ms-ai-engineering/references/rag-architecture/agentic-rag-patterns.md index e5dc20d..3b5caa3 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/agentic-rag-patterns.md +++ b/skills/ms-ai-engineering/references/rag-architecture/agentic-rag-patterns.md @@ -1,7 +1,7 @@ # Agentic RAG Patterns — Agent-styrt retrieval **Last updated:** 2026-04 | Verified: MCP 2026-04 -**Status:** GA (Semantic Kernel), Preview (Azure AI Search agentic retrieval) +**Status:** GA (Semantic Kernel); Azure AI Search agentic retrieval **delvis GA** (verifisert 2026-06-18) — minimal/ekstraktiv retrieval er GA via REST `2026-04-01`, mens LLM query planning + answer synthesis er preview (`2026-05-01-preview`) **Category:** RAG Architecture & Semantic Search --- @@ -138,10 +138,10 @@ agent = chat_client.as_agent( - Built-in semantic reranking per subquery - 3-delt response med grounding + citations + activity plan -**Begrensninger:** -- Kun single index per agentic retrieval instance +**Begrensninger (verifisert 2026-06-18):** +- **Delt GA-/preview-overflate:** REST `2026-04-01` (stabil/GA) gir kun minimal, ekstraktiv retrieval. **LLM query planning og answer synthesis** (beskrevet over) krever **preview** (`2026-05-01-preview`) — Azure- og Foundry-portalen bruker preview-versjonen. +- **Knowledge bases / multi-source:** GA (`2026-04-01`) støtter flere kilder i én knowledge base, men kun GA-kildetyper (`searchIndex`, `azureBlob`, `indexedOneLake`, `web`). SharePoint, Azure SQL, Fabric og MCP server er fortsatt preview. - Krever semantic ranker (S1+ tier) -- Preview status (API 2025-11-01-preview) **Prising:** - Free tier: 50M agentic reasoning tokens/mnd @@ -200,10 +200,10 @@ agent = chat_client.as_agent( | Tjeneste | Integrasjonspunkt | |----------|-------------------| -| **Azure AI Search** | Agentic retrieval (preview), vector store, hybrid search | +| **Azure AI Search** | Agentic retrieval (delvis GA — REST `2026-04-01`; LLM-planning preview), vector store, hybrid search | | **Semantic Kernel** | TextSearchProvider, agent orchestration patterns | | **Microsoft Agent Framework** | VectorStore bridge, tool-basert RAG | -| **Azure AI Foundry** | Prompt Flow for visual DAG orchestration | +| **Azure AI Foundry** | Prompt Flow (pensjoneres 2027-04-20 → MAF) for visual DAG orchestration | | **Azure OpenAI** | GPT-4o for query planning, function calling | | **Application Insights** | Agent decision logging, token tracking | @@ -261,7 +261,7 @@ agent = chat_client.as_agent( ### Fallgruver - **Agentic for alt:** Single-query RAG dekker 70% av use cases — start der -- **Preview-avhengighet:** Azure AI Search agentic retrieval er preview — ha fallback +- **GA-/preview-split:** Minimal agentic retrieval er GA (REST `2026-04-01`); LLM query planning + answer synthesis er fortsatt preview (`2026-05-01-preview`) — ha fallback hvis løsningen avhenger av preview-funksjonene - **Agent-explosion:** For mange spesialist-agenter = uforutsigbar oppførsel ### Anbefalinger per modenhetsnivå @@ -287,7 +287,9 @@ agent = chat_client.as_agent( | Multi-agent performance (34% accuracy) | **Baseline** | Community source (ragaboutit.com) | -### Azure AI Search Agentic Retrieval (Public Preview — oppdatert 2026-04) +### Azure AI Search Agentic Retrieval (delvis GA — oppdatert 2026-06-18) + +> Minimal, ekstraktiv retrieval er **GA** (REST `2026-04-01`). Funksjonaliteten under — LLM-drevet query planning, subquery-nedbryting og answer synthesis — krever **preview** (`2026-05-01-preview`). Azure AI Search agentic retrieval er en managed multi-query pipeline for komplekse spørsmål i chat og copilot-apper: diff --git a/skills/ms-ai-engineering/references/rag-architecture/azure-ai-search-setup.md b/skills/ms-ai-engineering/references/rag-architecture/azure-ai-search-setup.md index 447497c..b4f69fd 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/azure-ai-search-setup.md +++ b/skills/ms-ai-engineering/references/rag-architecture/azure-ai-search-setup.md @@ -255,6 +255,8 @@ Copilot Studio kan bruke AI Search som "knowledge base" via **Declarative Agent* ### AI Foundry + AI Search (Prompt Flow) +> **⚠️ Retirement 2027-04-20:** Prompt Flow (Microsoft Foundry + Azure ML) pensjoneres 20. april 2027 — migrer til **Microsoft Agent Framework (MAF)**. Mønsteret under gjelder eksisterende løsninger frem til fristen. [Migrasjonsguide](https://learn.microsoft.com/azure/machine-learning/prompt-flow/migrate-prompt-flow-to-agent-framework?view=azureml-api-2). + AI Foundry (tidligere AI Studio) har innebygget **Vector Index**-node i Prompt Flow: ```yaml diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md b/skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md index d4ddc53..748a990 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-core-patterns.md @@ -264,7 +264,7 @@ results = search_client.search( ### Azure AI Foundry -- **Prompt flow:** Visuell orkestrasjon av RAG-pipelines (indexing → retrieval → generation) +- **Prompt flow:** Visuell orkestrasjon av RAG-pipelines (indexing → retrieval → generation) — ⚠️ *pensjoneres 2027-04-20, migrer til Microsoft Agent Framework (MAF)* - **Evaluation:** Built-in metrics (groundedness, relevance, coherence) - **Tracing:** End-to-end observability av RAG-calls @@ -365,7 +365,7 @@ results = search_client.search( | Modenhet | RAG-mønster | Tooling | Tidsestimat | |----------|-------------|---------|-------------| | **Pilot** (MVP) | Naive RAG | Copilot Studio generative answers | 1-2 uker | -| **Produksjon** (scale) | Advanced RAG | Azure AI Foundry Prompt flow + Semantic Kernel | 6-8 uker | +| **Produksjon** (scale) | Advanced RAG | Microsoft Agent Framework (MAF) + Semantic Kernel ⚠️ *(erstatter Prompt Flow, som pensjoneres 2027-04-20)* | 6-8 uker | | **Advanced** (complex) | Agentic RAG | Microsoft Agent Framework + custom agents | 12-16 uker | ### Quick-start playbook diff --git a/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md b/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md index b8e78c0..be4e1eb 100644 --- a/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md +++ b/skills/ms-ai-engineering/references/rag-architecture/rag-evaluation-frameworks.md @@ -218,7 +218,7 @@ Bruk `mlflow.log_feedback()` med `AssessmentSourceType.HUMAN` for å logge menne |---------|-------------|------| | Azure AI Evaluation SDK | `pip install azure-ai-evaluation` | Offline/batch evaluering | | MLflow 3 | `pip install mlflow` | Tracing + online evaluering | -| Prompt Flow | Via Azure AI Foundry | End-to-end utvikling | +| Prompt Flow ⚠️ *(pensjoneres 2027-04-20 → MAF)* | Via Azure AI Foundry | End-to-end utvikling | ### Spesialverktøy diff --git a/skills/ms-ai-governance/references/responsible-ai/ai-act-compliance-guide.md b/skills/ms-ai-governance/references/responsible-ai/ai-act-compliance-guide.md index 0ae1f66..aed4655 100644 --- a/skills/ms-ai-governance/references/responsible-ai/ai-act-compliance-guide.md +++ b/skills/ms-ai-governance/references/responsible-ai/ai-act-compliance-guide.md @@ -7,7 +7,9 @@ ## Introduksjon -EU AI Act er verdens første omfattende regulering av kunstig intelligens, vedtatt i 2024 og gjeldende fra august 2024 med gradvis innfasing av krav frem til 2027. For Norge som EEA-medlem blir regelverket direkte gjeldende, med planlagt implementering sommeren 2026. +EU AI Act er verdens første omfattende regulering av kunstig intelligens, vedtatt i 2024 og gjeldende i EU fra august 2024 med gradvis innfasing av krav (tidslinjen er under revisjon via Digital Omnibus). + +> **⚠️ EØS-/Norge-status (verifisert 2026-06-18):** EU AI Act er **ikke formelt innlemmet i EØS-avtalen** per juni 2026 — den er derfor ikke «direkte gjeldende» i Norge ennå. Norsk gjennomføringslov («KI-loven» / lov om kunstig intelligens) var på høring (frist 30. sept. 2025) og er **ikke vedtatt av Stortinget**. Ikrafttredelse er politisk målsatt til sensommer 2026, men ikke en vedtatt dato (Digital Omnibus-forsinkelser kan påvirke). Kilder: regjeringen.no (høring 30.06.2025), europalov.no. Regelverket innfører en risikobasert tilnærming der AI-systemer klassifiseres i fire kategorier: forbudt, høyrisiko, begrenset risiko og minimal risiko. Majoriteten av forpliktelsene gjelder **høyrisiko-systemer**, som omfatter AI brukt i kritiske områder som ansettelse, kredittvurdering, rettshåndhevelse og kritisk infrastruktur. diff --git a/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md b/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md index 5c1b1ea..f9fbed6 100644 --- a/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md +++ b/skills/ms-ai-governance/references/responsible-ai/gdpr-compliance-ai-systems.md @@ -162,7 +162,9 @@ Raw Data (PersonID, Name, Email, Medical Record) → Anonymized Training Data (safe for model training) ``` -**GDPR-relevans**: Anonymiserte data er IKKE personopplysninger under GDPR, og dermed ikke underlagt samme restriksjoner. +**GDPR-relevans**: Effektivt anonymiserte data er ikke personopplysninger under GDPR, og dermed ikke underlagt samme restriksjoner. + +> **⚠️ Nyanse — EDPB Opinion 28/2024 (verifisert 2026-06-18):** «Anonymisert = utenfor GDPR-scope» kan **ikke antas** — det er en løpende, konkret vurdering. EDPB fastslår at en modell først er anonym når **både** (a) sannsynligheten for å trekke ut personopplysninger direkte, og (b) sannsynligheten for å få ut personopplysninger via spørringer, er ubetydelig — vurdert ut fra alle rimelig sannsynlige midler (jf. fortalepunkt 26 GDPR). En modell trent på anonymiserte data kan fortsatt bære re-identifiseringsrisiko. [EDPB Opinion 28/2024](https://www.edpb.europa.eu/our-work-tools/our-documents/opinion-board-art-64/opinion-282024-certain-data-protection-aspects_en). **Confidence marker**: Baseline (model knowledge) + Verified (SmartNoise reference fra MCP) @@ -273,7 +275,7 @@ User DSR Request → Logic App / Power Automate | Chatbot som svarer på FAQ (ingen persondata) | ❌ Nei | Ingen høyrisikobehandling | | Chatbot som aksesserer HR-data for å svare på permisjonsspørsmål | ✅ Ja | Behandling av personopplysninger på vegne av bruker | | AI-modell for ansiktsgjenkjenning i videoovervåking | ✅ Ja | Biometriske data + systematisk overvåking | -| Fine-tuning av modell på anonymisert salgsdata | ❌ Nei | Anonymiserte data er ikke personopplysninger | +| Fine-tuning av modell på anonymisert salgsdata | ⚠️ Betinget | Kun hvis anonymiseringen er effektiv og re-identifiseringsrisiko er ubetydelig (EDPB Opinion 28/2024) — ellers personopplysninger | | Automated decision-making for lånegodkjenning | ✅ Ja | Automatisert beslutning med legal/finansiell effekt | **Anbefaling**: Gjennomfør DPIA for alle AI-systemer som behandler personopplysninger hvor det er automatisert beslutning, profilering, eller sensitiv data (helse, økonomi, biometri). @@ -284,7 +286,7 @@ User DSR Request → Logic App / Power Automate **Utfordring**: Hvis en bruker ber om sletting av sine data, og disse dataene er brukt til å trene en modell, må modellen retrenes? -**GDPR-perspektiv**: Hvis dataene er effektivt anonymisert før trening, er de ikke lenger personopplysninger, og sletting er ikke påkrevd. Hvis dataene IKKE var anonymisert, må organisasjonen enten: +**GDPR-perspektiv**: Hvis dataene er **effektivt** anonymisert før trening og modellen ikke bærer re-identifiseringsrisiko (jf. EDPB Opinion 28/2024 — vurder case-by-case, ikke anta), er de ikke lenger personopplysninger, og sletting er ikke påkrevd. Hvis dataene IKKE var anonymisert — eller modellen fortsatt kan eksponere dem via spørringer — må organisasjonen enten: 1. Retrain modellen uten brukerens data (kostbart) 2. Dokumentere at dataene er aggregert på en måte som gjør identifikasjon umulig (unlearning) 3. Bruke differential privacy fra starten for å sikre at individuelle datapunkter ikke kan rekonstrueres fra modellen From e406ef395eff4ab56a0e8bcca854622562d8780e Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 20:32:43 +0200 Subject: [PATCH 017/309] =?UTF-8?q?feat(ms-ai-architect):=20#8b=20currency?= =?UTF-8?q?=20M-items=20=E2=80=94=20Defender=20AI=20threat=20protection=20?= =?UTF-8?q?+=20OWASP=20LLM04/06/08/09=20+=20M365=20E7/Agent=20365=20+=20Fo?= =?UTF-8?q?undry=20Local=20air-gapped?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Phase B (M-items) av #8 currency-rest. Nytt innhold, verifisert mot Microsoft Learn + OWASP GenAI 2026-06-18 (tre research-subagenter). Begge nye KB-filer wiret i SKILL.md (de-orphan bekreftet: kb-integrity 115/115, orphan-warnings uendret 262). Nye KB-filer (ms-ai-security/references/ai-security-engineering/): - owasp-llm-top10-azure-mitigations.md — konsolidert dekning av de fire OWASP 2025-kategoriene som manglet referanse i SKILL.md-mappingen (LLM04 Data/Model Poisoning, LLM06 Excessive Agency, LLM08 Vector/ Embedding Weaknesses, LLM09 Misinformation) med verifiserte Azure-tiltak. OWASP-side 404 for LLM06/08/09 → definisjoner kryssverifisert, merket. - defender-threat-protection-ai-services.md — Defender for Cloud «AI threat protection» (gjeldende navn; plan «Defender for AI Services»). GA for AI applications, Preview for AI agents (fra 2026-02-02). Varselliste m/ Alert ID + MITRE-taktikk, Prompt Shields-integrasjon, prising (75B-token trial). KRITISK: ikke tilgjengelig i Azure Government (norsk off. sektor). SKILL.md (ms-ai-security): - Fylte de 4 «—»-radene LLM04/06/08/09 → owasp-llm-top10-azure-mitigations.md. - La til Defender-referanse (kjøretids-trusseldeteksjon) + Government-forbehold. - Fil-telling ai-security-engineering 17→22 (17 var stale; faktisk 20 + 2 nye). licensing-matrix.md (ms-ai-advisor): - Ny rad «Microsoft 365 E7» i master-matrisen + dedikert E7/Agent 365-seksjon. E7 (GA 2026-05-01) bundler E5 + M365 Copilot + Agent 365 + Entra Suite. Agent 365 = IT-admin kontrollplan (registry/Entra Agent ID/Defender/Purview). VERIFISERT at begge er reelle SKU-er. Priser (~$99 E7 / ~$15 Agent 365) er community-/partnerkilder → eksplisitt merket uverifisert. disconnected-ai-scenarios.md (ms-ai-infrastructure): - Ny seksjon «Foundry Local — generativt lokalt og air-gapped». To produkter: on-device (offline etter nedlasting, ingen Azure-sub) + on Azure Local (Arc/Kubernetes, Preview). Air-gapped/disconnected støttet fra juni 2026 (Preview): edgeartifacts-registry, expansion packs, lokal AD, ingen telemetri. Del av Microsoft Sovereign Private Cloud — relevant for norsk suverenitet. Tester: validate-plugin 239 PASS / 0 FAIL / 0 WARN · kb-integrity 115/115 (262 pre-eksisterende orphan-warnings, uendret) · run-e2e alle suiter PASS. #8 nå komplett (S-bannere #8a + M-items #8b). Neste: #9 v1.16.0 release. FLAGG: `/architect:kb-update` apply forblir UTSATT (krever egen bekreftelse). Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .../architecture/licensing-matrix.md | 23 +++++ .../hybrid-edge/disconnected-ai-scenarios.md | 25 +++++ skills/ms-ai-security/SKILL.md | 14 +-- .../defender-threat-protection-ai-services.md | 94 ++++++++++++++++++ .../owasp-llm-top10-azure-mitigations.md | 97 +++++++++++++++++++ 5 files changed, 247 insertions(+), 6 deletions(-) create mode 100644 skills/ms-ai-security/references/ai-security-engineering/defender-threat-protection-ai-services.md create mode 100644 skills/ms-ai-security/references/ai-security-engineering/owasp-llm-top10-azure-mitigations.md diff --git a/skills/ms-ai-advisor/references/architecture/licensing-matrix.md b/skills/ms-ai-advisor/references/architecture/licensing-matrix.md index b3b70bd..d4d52cf 100644 --- a/skills/ms-ai-advisor/references/architecture/licensing-matrix.md +++ b/skills/ms-ai-advisor/references/architecture/licensing-matrix.md @@ -21,6 +21,7 @@ Denne referansen gir en komplett oversikt over hvordan Microsoft-lisenser gir ti |---------|--------------|--------------------|--------------------|-------------------|-------------------|----------|----------------| | **Microsoft 365 E3** | 💰 Add-on required | ✅ Included | 💰 Requires M365 Copilot | 500/user* | Standard connectors | ❌ Separate Azure sub | ❌ Requires Copilot Studio license | | **Microsoft 365 E5** | 💰 Add-on required | ✅ Included | 💰 Requires M365 Copilot | 500/user* | Standard connectors | ❌ Separate Azure sub | ❌ Requires Copilot Studio license | +| **Microsoft 365 E7** (ny, GA 2026-05-01) | ✅ Bundled | ✅ Included | ✅ Included | 500/user* | Standard connectors | ❌ Separate Azure sub | ✅ via M365 Copilot + Agent 365-governance | | **Microsoft 365 Business Basic** | 💰 Add-on required | ✅ Included | 💰 Requires M365 Copilot | ❌ Not included | Standard connectors | ❌ Separate Azure sub | ❌ Requires Copilot Studio license | | **Microsoft 365 Business Standard** | 💰 Add-on required | ✅ Included | 💰 Requires M365 Copilot | ❌ Not included | Standard connectors | ❌ Separate Azure sub | ❌ Requires Copilot Studio license | | **Microsoft 365 Business Premium** | 💰 Add-on required | ✅ Included | 💰 Requires M365 Copilot | ❌ Not included | Standard connectors | ❌ Separate Azure sub | ❌ Requires Copilot Studio license | @@ -29,6 +30,28 @@ Denne referansen gir en komplett oversikt over hvordan Microsoft-lisenser gir ti *\*AI Builder seeded credits fjernes 1. november 2026* +### Microsoft 365 E7 + Microsoft Agent 365 (nytt — GA 1. mai 2026) + +> **Verifisert 2026-06-18 mot Microsoft Learn.** Prisene under er fra community-/partnerkilder, ikke offisiell prissettingsside — verifiser før bruk i tilbud eller beslutningsunderlag. + +**Microsoft 365 E7** er det nye øverste enterprise-nivået (annonsert 9. mars 2026, GA 1. mai 2026) — det første SKU-et som bundler i én lisens: +- Alt i **Microsoft 365 E5** (Office, Teams, Defender, Intune, Purview, Power BI Pro, E5 Security/Compliance) +- **Microsoft 365 Copilot** (inkludert — ikke add-on) +- **Microsoft Agent 365** (inkludert) +- **Microsoft Entra Suite** + +Indikativ pris: ~$99/bruker/måned *(community-kilde — ikke offisielt verifisert)*. Kilde: [Agent management — licensing](https://learn.microsoft.com/microsoft-365/admin/manage/agent-365-overview). + +**Microsoft Agent 365** er en IT-admin **kontrollplan for AI-agenter** (ikke et sluttbrukerverktøy): +- **Registry:** samlet inventar over alle agenter (Foundry, Copilot Studio, egenutviklede, oppdagede «shadow agents»). Foundry-/Copilot Studio-agenter registreres automatisk. +- **Access control:** Entra Agent ID + risikobasert Conditional Access for agentidentiteter. +- **Observability:** sanntidsovervåkning, «Agent Map», bruksmønstre. +- **Security:** integrert med Defender og Purview for trusselbeskyttelse og DLP. + +Tilgjengelig som selvstendig add-on (~$15/bruker/måned, *community-kilde*); anbefalt prerekvisitt M365 E5. Kilde: [Overview of Microsoft Agent 365](https://learn.microsoft.com/microsoft-agent-365/overview). + +**Agent-fakturering (Copilot Credits):** classic answer 1 · generative answer 2 · agent action 5 · tenant graph grounding 10 Credits. Brukere med M365 Copilot-lisens (inkl. E7) betaler **ikke** Credits for agenter i Copilot Chat/Teams/SharePoint (B2E, opp til fair-use). Kilde: [Copilot Studio billing rates](https://learn.microsoft.com/microsoft-copilot-studio/requirements-messages-management). + ### Power Platform Licenses | License | AI Builder Credits (monthly) | Copilot Studio Access | Premium Connectors | RPA Capabilities | diff --git a/skills/ms-ai-infrastructure/references/hybrid-edge/disconnected-ai-scenarios.md b/skills/ms-ai-infrastructure/references/hybrid-edge/disconnected-ai-scenarios.md index 815c1d9..b3d1569 100644 --- a/skills/ms-ai-infrastructure/references/hybrid-edge/disconnected-ai-scenarios.md +++ b/skills/ms-ai-infrastructure/references/hybrid-edge/disconnected-ai-scenarios.md @@ -43,6 +43,31 @@ AI-scenarioer fordeler seg langs et tilkoblingsspektrum: ## Offline Model Deployment +### Foundry Local — generativ inferens lokalt og air-gapped + +To distinkte produkter under «Foundry Local»-paraplyen (verifisert 2026-06-18 mot Microsoft Learn): + +| Produkt | Formål | Azure-abonnement | Status | +|---------|--------|------------------|--------| +| **Foundry Local** (on-device) | Lokal modellruntime i klientapper (Windows/macOS/Linux). SDK: C#/JS/Rust/Python. Data forlater aldri enheten. | Nei | Tilgjengelig | +| **Foundry Local on Azure Local** | Enterprise-skala inferens på on-prem Arc-enabled Kubernetes (Azure Local, tidl. Azure Stack HCI). | Ja | Preview (tilgang på søknad) | + +**Foundry Local (on-device)** kjører inferens helt på enheten og fungerer **offline etter at modeller er lastet ned** (caches lokalt). Nettverk brukes kun til første modellnedlasting og valgfri diagnostikk. Ingen per-token-kostnad. Modellkatalog: Phi, Qwen, DeepSeek, Mistral, GPT OSS (chat), Whisper (audio). + +**Foundry Local on Azure Local — air-gapped/disconnected** (offisielt støttet fra **juni 2026**, Preview): kan deployes i miljøer uten internett. Forskjeller fra connected: + +| Aspekt | Connected | Disconnected (air-gapped) | +|--------|-----------|---------------------------| +| Modellkilde | Foundry cloud-katalog | Lokalt `edgeartifacts` container registry (fra expansion packs) | +| Extension | Standard Arc-extension | Expansion pack lastes ned + importeres manuelt | +| Sertifikater | `azure-cert-manager` | `cert-manager` + `trust-manager` (i expansion pack) | +| Telemetri | Til Microsoft | **Sendes ikke** | +| Autentisering | Offentlige Entra ID-endepunkter | Integrert med **lokal Active Directory** | + +Modeller forhåndsinstalleres: expansion pack lastes ned i tilkoblet miljø, overføres manuelt og importeres med PowerShell (`Start-AldoExpansionPackUpload`/`-Installation`) → publiseres til `edgeartifacts`. Arc er obligatorisk koblingsmekanisme, men trenger ikke løpende Azure-tilkobling i disconnected-modus. Inferens-runtimes: ONNX-GenAI (CPU/GPU) og vLLM (GPU). Multi-node Kubernetes (juni 2026) gir concurrent inferens og større modeller. + +**Suverenitet (norsk offentlig sektor):** Foundry Local on Azure Local er del av **Microsoft Sovereign Private Cloud**. Disconnected-modus er eksplisitt rettet mot suverene, klassifiserte og strengt regulerte miljøer — ingen telemetri til Microsoft, data og kontrollplan innenfor virksomhetens grenser. Eligibility krever dokumentert forretnings-/regulatorisk begrunnelse. Kilder: [Foundry Local](https://learn.microsoft.com/azure/foundry-local/what-is-foundry-local) · [Foundry Local on Azure Local — disconnected](https://learn.microsoft.com/azure/azure-sovereign-clouds/private/foundry-local/disconnected-operations/concept-overview). + ### Azure AI Foundry Tools Disconnected Containers Microsofts primaere losning for AI-tjenester uten nettverkstilkobling: diff --git a/skills/ms-ai-security/SKILL.md b/skills/ms-ai-security/SKILL.md index bdda1e0..c4bb8bf 100644 --- a/skills/ms-ai-security/SKILL.md +++ b/skills/ms-ai-security/SKILL.md @@ -79,15 +79,17 @@ Map each threat to the solution under assessment. Use the reference files for de | LLM01 | Prompt Injection | Content Safety Prompt Shields, system message hardening, Groundedness Detection | `prompt-injection-defense-patterns.md` | | LLM02 | Sensitive Information Disclosure | PII-filter, Purview DLP, output-filtrering | `data-leakage-prevention-ai.md`, `pii-detection-norwegian-context.md` | | LLM03 | Supply Chain Vulnerabilities | AI Foundry curated models, signed models, DLP for connectors | `supply-chain-security-ai-models.md` | -| LLM04 | Data and Model Poisoning | Azure ML data lineage, isolated fine-tuning, Purview validation | — | +| LLM04 | Data and Model Poisoning | Azure ML data lineage, isolated fine-tuning, Purview validation | `owasp-llm-top10-azure-mitigations.md` | | LLM05 | Improper Output Handling | Grounding Detection API, Content Safety output-filtre, Structured Outputs | `output-validation-grounding-verification.md` | -| LLM06 | Excessive Agency | Copilot Studio scoped tools, RBAC per project, human-in-the-loop, budget caps | — | +| LLM06 | Excessive Agency | Copilot Studio scoped tools, RBAC per project, human-in-the-loop, budget caps | `owasp-llm-top10-azure-mitigations.md` | | LLM07 | System Prompt Leakage | Metaprompt patterns, Prompt Shields, output monitoring | `jailbreak-prevention-production.md` | -| LLM08 | Vector and Embedding Weaknesses | AI Search managed identities, index-level security filters, Private Endpoints | — | -| LLM09 | Misinformation | RAG grounding, Groundedness Detection, citation patterns, confidence scoring | — | +| LLM08 | Vector and Embedding Weaknesses | AI Search managed identities, index-level security filters, Private Endpoints | `owasp-llm-top10-azure-mitigations.md` | +| LLM09 | Misinformation | RAG grounding, Groundedness Detection, citation patterns, confidence scoring | `owasp-llm-top10-azure-mitigations.md` | | LLM10 | Unbounded Consumption | Rate limits, token budgets, PTU for capacity, Cost Management alerts | — | -All reference files are in `references/ai-security-engineering/`. +All reference files are in `references/ai-security-engineering/`. LLM04/06/08/09 deler den konsoliderte filen `owasp-llm-top10-azure-mitigations.md`; LLM10 dekkes av rate-limit-/kostnadsfiler. + +Kjøretids-trusseldeteksjon for AI-endepunkter dekkes av `defender-threat-protection-ai-services.md` (Defender for Cloud AI threat protection — GA for AI applications, Preview for AI agents; merk: **ikke** tilgjengelig i Azure Government). ### Azure AI-spesifikke sikkerhetskontroller @@ -167,7 +169,7 @@ For detailed implementation guidance, see specific files in `references/performa | Katalog | Filer | Innhold | |---------|-------|---------| -| `references/ai-security-engineering/` | 17 | Forsvar, testing, scoring, hendelseshåndtering, Zero Trust, STRIDE-AI, prompt injection, content safety | +| `references/ai-security-engineering/` | 22 | Forsvar, testing, scoring, hendelseshåndtering, Zero Trust, STRIDE-AI, prompt injection, content safety, OWASP LLM-tiltak, Defender AI threat protection | | `references/cost-optimization/` | 21 | Kostnadsmodellering, FinOps, token-optimalisering, PTU/PAYG, caching, right-sizing, SLM-økonomi | | `references/performance-scalability/` | 18 | Latency, skalering, streaming, batch API, rate limits, benchmarking, GPU-dimensjonering | diff --git a/skills/ms-ai-security/references/ai-security-engineering/defender-threat-protection-ai-services.md b/skills/ms-ai-security/references/ai-security-engineering/defender-threat-protection-ai-services.md new file mode 100644 index 0000000..a504810 --- /dev/null +++ b/skills/ms-ai-security/references/ai-security-engineering/defender-threat-protection-ai-services.md @@ -0,0 +1,94 @@ +# Defender for Cloud — AI threat protection + +**Last updated:** 2026-06 | Verified: MCP 2026-06-18 +**Status:** GA (AI applications) · Preview (AI agents, fra 2026-02-02) +**Category:** AI Security Engineering — Threat Detection & Monitoring + +--- + +## Introduksjon + +Microsoft Defender for Cloud tilbyr kjøretids-trusseldeteksjon for generative AI-arbeidsbelastninger gjennom funksjonen **AI threat protection**, levert via planen **Defender for AI Services**. Der Azure AI Content Safety (Prompt Shields, Groundedness) er *preventive* kontroller i selve applikasjonsflyten, er Defender for AI Services et *detektivt* lag: det genererer sikkerhetsvarsler i Defender-portalen når mistenkelig aktivitet treffer modell-endepunktene, og korrelerer dette med MITRE ATT&CK-taktikker og organisasjonens øvrige sikkerhetssignaler (XDR). + +> **Navne-currency (verifisert 2026-06-18):** Gjeldende offisielle navn er **«AI threat protection»** (funksjon) under planen **«Defender for AI Services»**. Det erstatter den tidligere betegnelsen «Threat protection for AI workloads». Kilde: [AI threat protection in Microsoft Defender for Cloud](https://learn.microsoft.com/azure/defender-for-cloud/ai-threat-protection). + +--- + +## Dekning og status + +| Område | Status | Merknad | +|--------|--------|---------| +| AI applications (Azure OpenAI + Azure AI Model Inference) | **GA** | Produksjonsklart for kommersiell Azure | +| AI agents (Azure AI Foundry Agent Service) | **Preview** (fra 2026-02-02) | Samme plan, varsler under utrulling | +| AI models (skanning av opplastede modeller) | **Preview** | F.eks. «Malicious content in uploaded AI model» | + +**Ressurser som dekkes:** Azure OpenAI Service (alle støttede modeller) og Azure AI Model Inference (Foundry-modeller). **Kun tekst-tokens skannes** — bilde- og lyd-tokens skannes ikke. + +> **⚠️ Kritisk for norsk offentlig sektor (verifisert 2026-06-18):** AI threat protection er tilgjengelig i **kommersiell Azure**, men **IKKE i Azure Government** og **ikke i Azure operated by 21Vianet**. Virksomheter som vurderer suveren/Government-sky må planlegge alternativ trusseldeteksjon (f.eks. egne SIEM-regler på Azure Monitor-logger). Kilde: [AI threat protection — availability](https://learn.microsoft.com/azure/defender-for-cloud/ai-threat-protection). + +--- + +## Hva den oppdager + +Varslene er gruppert i AI applications, AI agents og AI models. Hvert varsel er kartlagt til MITRE ATT&CK-taktikker. Utvalg (AI applications, GA der ikke annet er angitt): + +| Trussel | Alert ID | MITRE-taktikk | Alvorlighet | +|---------|----------|---------------|-------------| +| Jailbreak blokkert av Prompt Shields | `AI.Azure_Jailbreak.ContentFiltering.BlockedAttempt` | Privilege Escalation, Defense Evasion | Medium | +| Jailbreak oppdaget (ikke blokkert) | `AI.Azure_Jailbreak.ContentFiltering.DetectedAttempt` | Privilege Escalation, Defense Evasion | Medium | +| ASCII Smuggling — indirekte prompt injection | `AI.Azure_ASCIISmuggling` | Impact | High | +| Credential theft mot modell-deployment | `AI.Azure_CredentialTheftAttempt` | Credential Access, Lateral Movement, Exfiltration | Medium | +| Phishing-URL delt i AI-app/modellrespons | `AI.Azure_MaliciousUrl.ModelResponse` | Impact (Defacement) | High | +| Tilgang fra Tor-IP | `AI.Azure_AccessFromAnonymizedIP` | Execution | High | +| Tilgang fra mistenkelig IP (MS Threat Intel) | `AI.Azure_AccessFromSuspiciousIP` | Execution | High | +| Wallet attack — gjentatte identiske kall (Denial of Wallet) | `AI.Azure_DOWDuplicateRequests` | Impact | Medium | +| Wallet attack — volumanomali (DoW) | `AI.Azure_DOWVolumeAnomaly` | Impact | Medium | +| Anomal verktøy-invokasjon | `AI.Azure_AnomalousToolInvocation` | Execution | Low | +| LLM Reconnaissance-forsøk *(Preview)* | `AI.Azure_LLMReconnaissance` | Reconnaissance | Low | + +For **AI agents** (Foundry Agent Service, alle Preview) finnes tilsvarende varsler, samt `instruction prompt leak` og `agent reconnaissance attempt`. Full liste: [Alerts for AI services](https://learn.microsoft.com/azure/defender-for-cloud/alerts-ai-workloads). + +### Integrasjon med Prompt Shields og «user prompt evidence» + +Jailbreak- og prompt-injection-deteksjon utføres av **Azure AI Content Safety Prompt Shields**; Defender for Cloud konsumerer signalet, genererer varselet og kan vise **user prompt evidence** — utdrag av bruker-prompt og modellrespons direkte i Defender-portalen for triage. Sensitive data redigeres automatisk, og evidens kan **skrus av per abonnement** av personvernhensyn. Kilde: [Enable threat protection for AI services](https://learn.microsoft.com/azure/defender-for-cloud/ai-onboarding). + +--- + +## Aktivering og prising + +- **Aktivering:** Defender for Cloud → *Environment settings* → abonnement → planen **AI services** → toggle On. Krever **Owner** eller **Contributor** på abonnementsnivå. +- **Prising:** 30-dagers gratis prøveperiode begrenset til **75 milliarder skannede tokens**; fakturering starter hvis grensen nås innenfor perioden. Eksakt pris per token: se [Defender for Cloud pricing](https://azure.microsoft.com/pricing/details/defender-for-cloud/) *(ikke gjengitt her — verifiser før bruk i delt dokumentasjon)*. + +--- + +## Relasjon til rammeverk + +- **OWASP LLM Top 10:** February 2026 release notes beskriver at agent-trusselbeskyttelsen adresserer «high-impact, actionable threats aligned with OWASP guidance for LLM and agentic AI systems». Defender utgjør det detektive laget i en OWASP-dekning sammen med preventive Content Safety-kontroller (se `owasp-llm-top10-azure-mitigations.md`). +- **MITRE ATT&CK:** taktikker er oppgitt per varsel i alert-referansen. +- **MITRE ATLAS:** referert i Azure AI security best practices som anbefalt red-team-ramme, men ikke eksplisitt kartlagt i selve Defender-varslene (*ikke verifisert som varsel-mapping*). + +--- + +## Plassering i sikkerhetsarkitekturen + +Defender for AI Services er **deteksjon/respons**, ikke prevensjon. Anbefalt lagdeling: + +1. **Preventivt:** Content Safety Prompt Shields + Groundedness, system message hardening, RBAC/Entra Agent ID (se `zero-trust-ai-services.md`). +2. **Detektivt:** Defender for AI Services-varsler → Defender XDR / Microsoft Sentinel for korrelasjon. +3. **Respons:** hendelseshåndtering med AI-spesifikke playbooks (se `ai-incident-response-procedures.md`). + +For 6×5-sikkerhetsscoringen styrker Defender for AI Services særlig dimensjonene *Threat Detection* og *Monitoring & Response* — men kun i kommersiell Azure (se Government-forbeholdet over). + +--- + +## Kilder og verifisering + +| Kilde | Konfidens | URL | +|-------|-----------|-----| +| AI threat protection (oversikt + availability) | **Verified** (MCP 2026-06-18) | [learn.microsoft.com](https://learn.microsoft.com/azure/defender-for-cloud/ai-threat-protection) | +| Alerts for AI services (full varselliste + MITRE) | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/azure/defender-for-cloud/alerts-ai-workloads) | +| Enable threat protection for AI services (aktivering, prompt evidence, prøveperiode) | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/azure/defender-for-cloud/ai-onboarding) | +| What's new — February 2026 (AI agents preview, OWASP-alignment) | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/azure/defender-for-cloud/release-notes) | +| Azure AI security best practices (MITRE ATLAS-referanse) | **Verified** | [learn.microsoft.com](https://learn.microsoft.com/azure/security/fundamentals/ai-security-best-practices) | + +**Forbehold:** Eksakt pris per token og fullstendig liste over støttede regioner er ikke gjengitt — verifiser mot prissettingssiden ved behov. AI agents-varsler er Preview per 2026-06 og kan endres før GA. diff --git a/skills/ms-ai-security/references/ai-security-engineering/owasp-llm-top10-azure-mitigations.md b/skills/ms-ai-security/references/ai-security-engineering/owasp-llm-top10-azure-mitigations.md new file mode 100644 index 0000000..68d7f0c --- /dev/null +++ b/skills/ms-ai-security/references/ai-security-engineering/owasp-llm-top10-azure-mitigations.md @@ -0,0 +1,97 @@ +# OWASP LLM Top 10 (2025) — Azure-tiltak for LLM04/06/08/09 + +**Last updated:** 2026-06 | Verified: MCP 2026-06-18 +**Status:** Referanse (OWASP 2025 + Azure-tiltak) +**Category:** AI Security Engineering — Threat Modeling & Controls + +--- + +## Formål + +SKILL.md-mappingen mot **OWASP Top 10 for LLM Applications 2025** har dedikert referansedekning for LLM01/02/03/05/07 og for LLM10 (via rate-limit/kostnadsfiler). Denne filen fyller de fire gjenstående kategoriene — **LLM04, LLM06, LLM08, LLM09** — med OWASP-definisjon og konkrete, verifiserte Azure/Microsoft-tiltak. + +> **Kilde-forbehold (verifisert 2026-06-18):** OWASP-listens eksistens og LLM04-definisjonen er hentet direkte fra `genai.owasp.org` (HTTP 200). De individuelle risikosidene for LLM06/08/09 returnerte 404 under innhenting; definisjonene er kryssverifisert mot flere sekundærkilder som siterer OWASP 2025-dokumentet. Azure-tiltakene er grounded i Microsoft Learn (lenker per tiltak). + +--- + +## LLM04 — Data and Model Poisoning + +**OWASP 2025:** «Data poisoning occurs when pre-training, fine-tuning, or embedding data is manipulated to introduce vulnerabilities, backdoors, or biases.» Integritetsangrep på treningsdata — direkte injeksjon, bakdører med trigger, indirekte kontaminering via brukerinteraksjon, og supply chain-risiko fra delte modell-repositories. Kilde: [LLM04 — genai.owasp.org](https://genai.owasp.org/llmrisk/llm04-data-and-model-poisoning/). + +| Azure/Microsoft-tiltak | Mekanisme | +|------------------------|-----------| +| **Azure ML model registry + provenance** | Sentralisert opprinnelse/verifikasjonsstatus. Azure Policy *«ML Deployments should only use approved Registry Models»* kan settes til **Deny** for å blokkere ikke-godkjente modeller. | +| **Kodesignering for treningskode** | Azure Well-Architected krever signert kode i ML compute — sikrer at treningskode er fra betrodd kilde. | +| **Hash-verifisering + adversarial scanning** | Valider modellintegritet og test mot adversarial input før godkjenning. | +| **Microsoft Purview data lineage + DSPM for AI** | Lineage-sporing og Data Security Posture Management for treningsdata-risiko. | +| **Dataversjonering (Git/Azure DevOps)** | Versjonskontroll av grounding-data → rollback ved uventet modelloppførsel. | +| **Defender for Cloud AI threat protection** | Kontinuerlig deteksjon av modellmanipulasjon (se `defender-threat-protection-ai-services.md`). | + +Kilder: [Azure AI security best practices](https://learn.microsoft.com/azure/security/fundamentals/ai-security-best-practices) · [MCSB AI-1: approved models](https://learn.microsoft.com/security/benchmark/azure/mcsb-v2-artificial-intelligence-security) · [Well-Architected: training data lineage](https://learn.microsoft.com/azure/well-architected/ai/training-data-design). + +--- + +## LLM06 — Excessive Agency + +**OWASP 2025:** «Excessive Agency is the vulnerability that enables damaging actions to be performed in response to unexpected, ambiguous or manipulated outputs from an LLM.» Oppstår når agenten gis mer kapabilitet, tillatelse eller autonomi enn nødvendig — forsterket i agent-arkitekturer der modellen dynamisk velger verktøy. Kilde: OWASP 2025 (kryssverifisert; OWASP-side 404 ved innhenting). + +| Azure/Microsoft-tiltak | Mekanisme | +|------------------------|-----------| +| **Microsoft Entra Agent ID** | Hver agent får egen identitet med scoped OAuth 2.0-tillatelser; Entra blokkerer høyprivilegerte roller. GA. | +| **Agent Identity Blueprints + Conditional Access** | Håndhev CA-policyer per blueprint; deaktivering av blueprint deaktiverer alle tilhørende agenter umiddelbart. | +| **Copilot Studio DLP + granulære connector-scopes** | DLP i Power Platform Admin Center; agenten gis kun de connector-operasjonene den faktisk bruker (least-privilege i praksis). | +| **Human-in-the-loop** | Agent Framework `approval_mode: always_require`; Copilot Studio skriver aldri til Dataverse uten brukergodkjenning. | +| **Least-privilege RBAC** | Built-in roller på prosjekt-/workspace-nivå; scoped, kortlevde tokens for agent-funksjoner. | +| **Content Safety Task Adherence** | Detekterer feiljustert/utilsiktet verktøybruk relativt til brukerintensjon. | + +Kilder: [Entra Agent ID](https://learn.microsoft.com/entra/agent-id/what-is-microsoft-entra-agent-id) · [Authorization in Entra Agent ID](https://learn.microsoft.com/entra/agent-id/authorization-agent-id) · [Copilot Studio DLP](https://learn.microsoft.com/microsoft-copilot-studio/admin-data-loss-prevention) · [Autonomous agents — best practices](https://learn.microsoft.com/microsoft-copilot-studio/guidance/autonomous-agents). + +--- + +## LLM08 — Vector and Embedding Weaknesses + +**OWASP 2025:** Sikkerhetsrisiko i vektordatabaser og embeddings — forgiftede embeddings, cross-tenant-lekkasje, embedding inversion (rekonstruksjon av sensitive data fra vektorer), tillatelsesomgåelse i RAG-pipelines. Kilde: OWASP 2025 (kryssverifisert; OWASP-side 404 ved innhenting). + +| Azure/Microsoft-tiltak | Mekanisme | Status | +|------------------------|-----------|--------| +| **Document-level access control (security trimming)** | Permission-metadata (ACL/RBAC/Purview-labels) lagres i indeksen og håndheves ved query-tid via Entra-token (`x-ms-query-source-authorization`). | GA (filters) / Preview (ACL fra ADLS Gen2, API `2026-05-01-preview`) | +| **Managed Identity for Azure AI Search** | Outbound-auth uten hardkodede nøkler. | GA | +| **Private Endpoints** | Deaktiverer public network access; trafikk over Microsoft backbone. | GA | +| **Multi-tenant-isolasjon** | Index-per-tenant / service-per-tenant / hybrid; sterkest separasjon = dedikert service per tenant. | GA | +| **Purview sensitivity labels på indeks** | Label-basert tilgangskontroll oppdaget under indeksering. | Preview | + +Kilder: [Document-level access control](https://learn.microsoft.com/azure/search/search-document-level-access-overview) · [Search security best practices](https://learn.microsoft.com/azure/search/search-security-best-practices) · [Multitenant SaaS + AI Search](https://learn.microsoft.com/azure/search/search-modeling-multitenant-saas-applications) · [Private endpoint for AI Search](https://learn.microsoft.com/azure/search/service-create-private-endpoint). + +--- + +## LLM09 — Misinformation + +**OWASP 2025:** Risiko for at LLM-er genererer eller sprer troverdig fremstilt feilinformasjon — primært via hallusinasjon og fabrikerte siteringer. Kilde: OWASP 2025 (kryssverifisert; OWASP-side 404 ved innhenting). + +| Azure/Microsoft-tiltak | Mekanisme | Status | +|------------------------|-----------|--------| +| **Groundedness Detection (Content Safety)** | Detekterer om svar er forankret i kildedokumenter; Reasoning-mode gir rotårsak; Correction korrigerer ungrounded tekst automatisk. | Public preview | +| **RAG-grounding med Azure AI Search** | Forankrer svar i organisasjonens dokumenter fremfor parametrisk kunnskap. | GA | +| **Citation/reference-mønster** | Strukturerte `citations`-objekter (title/filepath/url/content) → superscript-lenker til kilde i UI. | GA | +| **Copilot Studio — Grounding in Trusted Data** | Svar forankret i datakilder brukeren har tilgang til. | GA | +| **AI Foundry Evaluation — groundedness/completeness** | Måler grounding i end-to-end LLM-evaluering. | GA | +| **Prompt Shields** | Blokkerer indirekte prompt injection som kan styre svar mot feilinformasjon. | GA | + +Kilder: [Groundedness detection](https://learn.microsoft.com/azure/ai-services/content-safety/concepts/groundedness) · [Content Safety overview](https://learn.microsoft.com/azure/ai-services/content-safety/overview) · [Web app citations](https://learn.microsoft.com/azure/ai-foundry/openai/how-to/use-web-app) · [Copilot Studio safety components](https://learn.microsoft.com/microsoft-copilot-studio/system-service-card-copilot-studio). + +--- + +## Lagdelt dekning + +OWASP-kategoriene dekkes best ved å kombinere **preventive** kontroller (Content Safety, Entra Agent ID, AI Search-sikkerhet) med **detektive** (Defender for AI Services, se `defender-threat-protection-ai-services.md`) og **prosess** (STRIDE-/ATLAS-trusselmodellering, se `ai-threat-modeling-stride.md`). For norsk offentlig sektor: merk at Defender for AI Services *ikke* er tilgjengelig i Azure Government — preventive kontroller og egen logg-basert deteksjon blir da viktigere. + +--- + +## Kilder og verifisering + +| Kilde | Konfidens | Merknad | +|-------|-----------|---------| +| OWASP Top 10 for LLM Applications 2025 (liste) | **Verified** | [genai.owasp.org](https://genai.owasp.org/llm-top-10/) (HTTP 200) | +| LLM04-definisjon | **Verified** | OWASP-domenet direkte (HTTP 200) | +| LLM06/08/09-definisjoner | **Medium** | OWASP risikosider 404 ved innhenting; kryssverifisert mot flere sekundærkilder | +| Azure-tiltak (alle kategorier) | **Verified** (MCP 2026-06-18) | Microsoft Learn, lenker per tiltak over | From dc55ffa902cc762108ca200629e23f5970e6a3ff Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 20:52:54 +0200 Subject: [PATCH 018/309] =?UTF-8?q?feat(ms-ai-architect):=20#9=20v1.16.0?= =?UTF-8?q?=20=E2=80=94=20currency=20+=20privat-sektor-paritets-release?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Siste audit-item (#9). Versjonsbump + telling-/konsistens-synk for hele audit-syklusen (#5–#8 currency + #7 routing/privat-sektor-paritet). Ingen ny funksjonalitet i denne commiten — kun release-deklarasjoner og count-konsistens. Innholdet ble levert i e406ef3 og forutgående commits. Versjonsdeklarasjoner (1.15.0 → 1.16.0): - .claude-plugin/plugin.json - README.md version-badge + ny version-history-rad (currency-temaer, 4 nye kommandoer, regulatorisk/plattform/kostnad/sikkerhet-currency) - CHANGELOG.md ny [1.16.0]-entry (Added/Changed/Notes); historiske entries urørt - docs/playground.md doc-stamp (tittel + Validering-header). Playground- KODEN er uendret siden v1.15.0 → kun stamp bumpet, screenshots IKKE regenerert (forblir playground/screenshots/v1.15.0/) Telling-/konsistens-synk (verifisert ved faktisk fil-telling = 389): - README docs-badge 387 → 389; README KB-tabell + per-skill-seksjon (ms-ai-security 60 → 62); README prosa «387/387+» → «389/389+» - CLAUDE.md skill-tabell ms-ai-security 60 → 62 (var stale etter #8b) - SKILL.md cost-optimization subdir-telling 21 → 22 (korrigert pre- eksisterende drift; faktisk filtelling 22) Kommando-delta verifisert via git: 25 (v1.15.0) → 29 (v1.16.0). 4 nye: businesscase + anskaffelse (#7c), design + vendor (#7d). Tester: validate-plugin 239 PASS / 0 FAIL / 0 WARN · kb-integrity 115/115 (262 pre-eksisterende orphan-warnings, uendret) · run-e2e alle suiter (security/cost/summary/ros/ai-act + 6 playground-suiter + kb-update) PASS. Audit-backlog #5–#9 nå komplett. FLAGG: `/architect:kb-update` apply (~190 filer/~80 fetches) forblir UTSATT — krever egen bekreftelse. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .claude-plugin/plugin.json | 2 +- CHANGELOG.md | 33 +++++++++++++++++++++++++++++++++ CLAUDE.md | 2 +- README.md | 13 +++++++------ docs/playground.md | 4 ++-- skills/ms-ai-security/SKILL.md | 2 +- 6 files changed, 45 insertions(+), 11 deletions(-) diff --git a/.claude-plugin/plugin.json b/.claude-plugin/plugin.json index b28039a..e77f99c 100644 --- a/.claude-plugin/plugin.json +++ b/.claude-plugin/plugin.json @@ -1,6 +1,6 @@ { "name": "ms-ai-architect", - "version": "1.15.0", + "version": "1.16.0", "description": "Microsoft AI Solution Architect - structured architecture guidance for the full Microsoft AI stack", "author": { "name": "Kjell Tore Guttormsen" diff --git a/CHANGELOG.md b/CHANGELOG.md index 9a7a19d..4a15d35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,39 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.16.0] - 2026-06-18 + +Currency- og privat-sektor-paritets-release. Adresserer devil's-advocate-audit (2026-06-18, 10 dimensjoner, 89 verifiserte funn) — `docs/devils-advocate-audit-2026-06-18.md`. Alle faktapåstander verifisert mot Microsoft Learn / EDPB / OWASP-primærkilder før skriving. + +### Added + +- **4 nye kommandoer (25 → 29):** + - `/architect:businesscase` — forretningscase med NNV (netto nåverdi) + DFØ-gevinstrealisering (#7c). + - `/architect:anskaffelse` — AI-anskaffelse: kravspesifikasjon, leverandørevaluering, terskelverdier (#7c). + - `/architect:design` — sektor-nøytralt Solution Architecture Document (SAD): kontekst, NFR, alternativer, valgt design, risiko, veikart (#7d). + - `/architect:vendor` — tredjeparts-/SaaS-leverandørvurdering (due diligence): dataresidens, sub-prosessorer, DPA, Schrems II, AI Act-deployer (#7d). +- **2 nye KB-filer (ms-ai-security, 60 → 62 refs):** `owasp-llm-top10-azure-mitigations.md` (LLM04/06/08/09) og `defender-threat-protection-ai-services.md` (AI threat protection — ikke i Azure Government). +- **Privat-sektor-paritet:** sektor-parametrisering i 6 kommandoer + onboarding-forgrening for privat/regulert sektor + parallell privat-bane i README/help/playground. + +### Changed + +- **EU AI Act-tidslinje re-baselinet mot Digital Omnibus:** Annex III høyrisiko (frittstående) utsatt til 2027-12-02, Annex I (innebygd) til 2028-08-02, Art. 50 transparens 2026-08-02. Art. 99-bøtesatser korrigert (35M €/7 %, 15M €/3 %, 7,5M €/1 %). Klargjort at EU AI Act ennå ikke er EØS-innlemmet og KI-loven uvedtatt per juni 2026. +- **Agent-orkestrering currency:** Connected Agents deprecated (pensjon 2027-03-31) → ny GA-modell Prompt/Hosted agents + Responses API som single entry point. MAF 1.0 GA + A2A v1.0.1. Prompt Flow (Foundry + AML) retirement 2027-04-20 → MAF. Computer Use Agent (CUA) GA 2026-05-07. Agentic retrieval GA-split (REST `2026-04-01` min/ekstraktiv, LLM-planning preview). +- **Kostnadslag re-baselinet:** GPT-5 $1,25/$10 input/output, konsolidert til én prissannhet i `deterministic-cost-calculation-model.md`. +- **Foundry URL-navnerom-migrering:** `ai-foundry` → `foundry` / `foundry-classic` på tvers av 141 filer. +- **Dataresidens korrigert:** Norway East — gpt-4o + gpt-4o-mini eneste Norge-residente generative modeller; modellkatalog modernisert. +- **DPIA cross-border:** EDPB Rec 01/2020 seks-stegs-TIA + CLOUD Act/FISA-restanalyse (FISA §702 til mars 2027; DPF gyldig; CLOUD Act uendret av DPF). EDPB 28/2024: anonymisering vurderes case-by-case. +- **ROS + DPIA regulatorisk currency:** NSM Grunnprinsipper v2.1, OWASP Agentic 2026 (ASI01–10), EchoLeak, DPF, EUDB. +- **Sikkerhet:** M365 E7 + Agent 365 (GA 2026-05-01) i licensing-matrix; Foundry Local air-gapped (Sovereign Private Cloud) i disconnected-scenarios. +- **KB-routing:** RAG/MLOps-KB ruting (betinget last) + forsont ROS-last-kontrakt (kjerne + betinget). +- Tellinger oppdatert: README docs-badge 387 → 389, README KB-tabell + per-skill-seksjon (ms-ai-security 60 → 62), CLAUDE.md skill-tabell (ms-ai-security 60 → 62), SKILL.md cost-optimization subdir-telling 21 → 22 (korrigert pre-eksisterende drift). + +### Notes on 1.16.0 + +- **Verifisering:** alle currency-påstander krysssjekket mot primærkilder. Der OWASP 2025-sider returnerte 404 ble innholdet kryssverifisert mot alternative offisielle kilder. +- **Plugin API surface:** 29 kommandoer, 12 agenter, 5 skills (389 reference docs), 2 hooks, MCP-server-config. Playground v3-koden er uendret siden v1.15.0 — kun doc-stamp bumpet; screenshots i `playground/screenshots/v1.15.0/` ikke regenerert. +- **Tester:** 239 plugin-validering, kb-integrity 115/115, run-e2e alle suiter (security/cost/summary/ros/ai-act + 6 playground-suiter) 0 FAIL. + ## [1.15.0] - 2026-05-16 ### Changed — playground v3 project-view integration diff --git a/CLAUDE.md b/CLAUDE.md index fb31721..06c5427 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -72,7 +72,7 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: |-------|--------|----------------|--------------| | `ms-ai-advisor` | Cosmo Skyberg-persona, 7-fase arbeidsflyt, plattformvalg | 62 | "Hjelp meg velge" | | `ms-ai-governance` | Norsk offentlig sektor-styring, EU-regelverk, ansvarlig AI | 78 | "Er dette lovlig?" | -| `ms-ai-security` | Sikkerhetsscoring (6x5), kostnadsestimering (P10/P50/P90) | 60 | "Er dette trygt?" | +| `ms-ai-security` | Sikkerhetsscoring (6x5), kostnadsestimering (P10/P50/P90) | 62 | "Er dette trygt?" | | `ms-ai-engineering` | RAG, agenter, Azure AI Services, data, MLOps, multimodal | 153 | "Hvordan bygger jeg dette?" | | `ms-ai-infrastructure` | BCDR, hybrid/edge, suveren sky | 34 | "Hvordan drifter jeg dette?" | diff --git a/README.md b/README.md index e74ac15..3534d5a 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,9 @@ *AI-generated: all code produced by Claude Code through dialog-driven development. [Full disclosure →](../../README.md#ai-generated-code-disclosure)* -![Version](https://img.shields.io/badge/version-1.15.0-blue) +![Version](https://img.shields.io/badge/version-1.16.0-blue) ![Platform](https://img.shields.io/badge/platform-Claude_Code_Plugin-purple) -![Docs](https://img.shields.io/badge/reference_docs-387-green) +![Docs](https://img.shields.io/badge/reference_docs-389-green) ![Agents](https://img.shields.io/badge/agents-12-orange) ![License](https://img.shields.io/badge/license-MIT-lightgrey) @@ -204,14 +204,14 @@ The orchestrator creates a `.work/` directory for intermediate results, delegate ## Knowledge Base -The plugin includes **387 reference documents** organized across 5 domain-specific skills: +The plugin includes **389 reference documents** organized across 5 domain-specific skills: | Skill | Domain | Refs | User Intent | |-------|--------|------|-------------| | `ms-ai-advisor` | Cosmo persona, 7-phase workflow, platform selection | 62 | "Help me choose" | | `ms-ai-engineering` | RAG, agents, Azure AI Services, data, MLOps, multimodal | 153 | "How do I build this?" | | `ms-ai-governance` | Norwegian public sector governance, EU regulations, responsible AI, ROS | 78 | "Is this legal/safe?" | -| `ms-ai-security` | Security scoring (6×5), cost estimation (P10/P50/P90) | 60 | "Is this safe?" | +| `ms-ai-security` | Security scoring (6×5), cost estimation (P10/P50/P90) | 62 | "Is this safe?" | | `ms-ai-infrastructure` | BCDR, hybrid/edge, sovereign cloud | 34 | "How do I operate this?" | ### ms-ai-advisor (62 refs) @@ -226,7 +226,7 @@ RAG implementation patterns, agent orchestration, Azure AI Foundry, Copilot Stud Norwegian public sector governance (Digdir, DFØ), EU AI Act (Annex III checklist), responsible AI frameworks, GDPR/Schrems II compliance, Utredningsinstruksen alignment. Includes a comprehensive **ROS analysis framework** with 7 new reference documents: AI threat library (49 threats across 7 categories), NS 5814/ISO 31000 methodology guide, 7×5 scoring rubrics, sector-specific checklists (health, transport, finance, justice, education), report templates, DPIA/security integration patterns, and MAESTRO multi-agent security model. -### ms-ai-security (60 refs) +### ms-ai-security (62 refs) 6×5 security scoring rubrics, threat modeling for AI systems, content safety, cost optimization, deterministic cost calculation model, data residency patterns. @@ -602,7 +602,7 @@ bash tests/capture-fixture.sh ### Knowledge Base Maintenance -The 387+ reference documents are actively maintained by the plugin author. Updated reference files are published as regular commits to the marketplace repository. If you installed via `claude plugin marketplace add`, updates are pulled automatically — no manual action needed. +The 389+ reference documents are actively maintained by the plugin author. Updated reference files are published as regular commits to the marketplace repository. If you installed via `claude plugin marketplace add`, updates are pulled automatically — no manual action needed. For forks (or if you simply want to refresh the KB yourself), the plugin ships with a sitemap-based change-detection pipeline plus a slash command that drives the apply-fasen via the active Claude Code session. @@ -659,6 +659,7 @@ Category-to-skill routing is defined in `scripts/skill-gen/category-skill-map.js | Version | Date | Highlights | |---------|------|-----------| +| **1.16.0** | 2026-06-18 | Currency- og privat-sektor-paritets-audit (devil's-advocate-audit 2026-06-18, 10 dimensjoner, 89 verifiserte funn — `docs/devils-advocate-audit-2026-06-18.md`). **Regulatorisk:** EU AI Act-tidslinje re-baselinet mot Digital Omnibus (Annex III høyrisiko → 2027-12-02, Art. 50 → 2026-08-02) + Art. 99-bøtesatser (35M/7 %, 15M/3 %, 7,5M/1 %); EU AI Act ennå ikke EØS-innlemmet, KI-loven uvedtatt per juni 2026; DPIA cross-border med EDPB Rec 01/2020 seks-stegs-TIA + CLOUD Act/FISA-restanalyse + EDPB 28/2024 (anonymisering case-by-case). **Plattform:** Foundry URL-navnerom-migrering (`ai-foundry` → `foundry`/`foundry-classic`, 141 filer); Connected Agents deprecated (pensjon 2027-03-31) → Prompt/Hosted agents + Responses API; MAF 1.0 GA + A2A v1.0.1; Prompt Flow retirement 2027-04-20; CUA GA 2026-05-07; agentic retrieval GA-split. **Kostnad:** re-baselinet til GPT-5 $1,25/$10 med én prissannhet. **Dataresidens:** korrigert Norway East (gpt-4o + gpt-4o-mini eneste Norge-residente generative). **Sikkerhet:** Defender AI threat protection (ikke Azure Government) + OWASP LLM04/06/08/09-tiltak (2 nye KB-filer); M365 E7 + Agent 365 (GA 2026-05-01); Foundry Local air-gapped. **Privat-sektor-paritet:** sektor-parametrisering i 6 kommandoer + onboarding-forgrening + 4 nye kommandoer (`businesscase`, `anskaffelse`, `design`, `vendor` → 25 → 29 totalt). ROS/DPIA-currency (NSM v2.1, OWASP Agentic 2026, EchoLeak, DPF, EUDB). 389 reference docs (ms-ai-security 60 → 62). 239 plugin-validering · kb-integrity 115/115 · run-e2e alle suiter 0 FAIL. Playground-koden uendret siden v1.15.0 (kun doc-stamp bumpet; screenshots ikke regenerert). | | **1.15.0** | 2026-05-16 | Playground v3 project-view integration — `renderProjectSurface` (v2 screen-tabs + category-tabs + per-command paste-cards) erstattet av `renderProjectView` (sidebar med 17 artifacts + main-area + import-modal overlay). `renderActive()` delegerer nå til `renderProjectSurfaceV3()`. Dead code fjernet: `renderCommandSubCard`, `rehydratePasteImports`, `currentProjectScreen`, `ACTIONS['project-screen']`, 5 v2-CSS-klasser (`.project-tabs`, `.project-tab`, `.project-tab__count`, `.sub-zone`, `.paste-import-row`, `.project-header__*`, `.command-cards`). 2 fingerprint-gap lukket: `requirements.headers` matcher nå "EU AI Act — Krav for høyrisiko..."; `license.headers` matcher "Lisens-kapabilitetsmatrise...". v2→v3 migrasjon utvidet med `parserFor` slik at demo-state med kun `raw_markdown` auto-parses inn i `project.artifacts[cid]`. `components-tier4-project-view.css` wired inn (var ikke loaded — modal-overlay og two-column layout virket ikke). `renderImportModal` setter `data-open="true"` (DS-kontrakt). 219 plugin-validering, 386 E2E playground (32 fingerprints, 219 v3-static, 70 parsers, 16 migrations, 30 project-view, 19 actions), 0 FAIL, 2 WARN (pre-eksisterende). 24 screenshots regenerert til `playground/screenshots/v1.15.0/`. Demo viser nå 17 artifacts navigerbare i sidebar, aggregate verdict (BLOKKERT), top-risks-liste, og fungerende re-importer/slett-knapper per artifact. | | **1.14.0** | 2026-05-08 | Playground root-cause refaktor — DS-konvensjon-adopsjon på tvers av 14 renderere over 6 sesjoner. Sesjon 2: B-DS-1/2/3 fikset i shared/ DS v0.4.0 (kanban-card word-break, expansion title-block, matrix-bubble cursor). Sesjon 3: renderDpia/Security/Ros til DS-summary-grid + ros-layout. Sesjon 4: 6 compliance/govern-renderere bytter `.report-meta`-wrapper mot DS-konvensjon (renderAiActPyramid, renderRequirements, renderConformity, renderTransparency, renderFria, renderReview). Sesjon 5: renderMigrate + renderPoc → expansion-list per fase (slett `.phase-detail`-CSS). Sesjon 5b: renderCost key-stats viste "[object Object]" (parser-output har p50/p90 = {monthly,yearly}-objekter — nå ekstrahert via `.monthly`); renderCompare distinctive-token-matching erstatter firstWord-heuristikk; renderUtredning droppet misvisende `role="tab"`-attributter. Lokal `