diff --git a/plugin/skills/azure-cloud-migrate/SKILL.md b/plugin/skills/azure-cloud-migrate/SKILL.md
new file mode 100644
index 00000000..48d02b76
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/SKILL.md
@@ -0,0 +1,39 @@
+---
+name: azure-cloud-migrate
+description: "Assess and migrate cross-cloud workloads to Azure. Generates assessment reports and converts code from AWS, GCP, or other providers to Azure services. WHEN: \"migrate Lambda to Azure Functions\", \"migrate AWS to Azure\", \"Lambda migration assessment\", \"convert s AWS erverless to Azure\", \"migration readiness report\", \"migrate from AWS\", \"migrate from GCP\", \"cross-cloud migration\"."
+---
+
+# Azure Cloud Migrate
+
+> This skill handles **assessment and code migration** of existing cloud workloads to Azure.
+
+## Rules
+
+1. Follow phases sequentially — do not skip
+2. Generate assessment before any code migration
+3. Load the scenario reference and follow its rules
+4. Use `mcp_azure_mcp_get_bestpractices` and `mcp_azure_mcp_documentation` MCP tools
+5. Use the latest supported runtime for the target service
+6. Destructive actions require `ask_user` — [global-rules](references/services/functions/global-rules.md)
+
+## Migration Scenarios
+
+| Source | Target | Reference |
+|--------|--------|-----------|
+| AWS Lambda | Azure Functions | [lambda-to-functions.md](references/services/functions/lambda-to-functions.md) |
+
+> No matching scenario? Use `mcp_azure_mcp_documentation` and `mcp_azure_mcp_get_bestpractices` tools.
+
+## Output Directory
+
+All output goes to `<source-folder>-azure/` at workspace root. Never modify the source directory.
+
+## Steps
+
+1. **Create** `<source-folder>-azure/` at workspace root
+2. **Assess** — Analyze source, map services, generate report → [assessment.md](references/services/functions/assessment.md)
+3. **Migrate** — Convert code using target programming model → [code-migration.md](references/services/functions/code-migration.md)
+4. **Ask User** — "Migration complete. Test locally or deploy to Azure?"
+5. **Hand off** to azure-prepare for infrastructure, testing, and deployment
+
+Track progress in `migration-status.md` — see [workflow-details.md](references/workflow-details.md).
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/assessment.md b/plugin/skills/azure-cloud-migrate/references/services/functions/assessment.md
new file mode 100644
index 00000000..8b1e5dbf
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/assessment.md
@@ -0,0 +1,154 @@
+# Assessment Phase
+
+Generate a migration assessment report before any code changes.
+
+## Prerequisites
+
+- Workspace contains AWS Lambda functions, SAM templates, or CloudFormation templates
+- Prompt user to upload relevant files if not present
+
+## Assessment Steps
+
+1. **Identify Functions** — List all Lambda functions with runtimes, triggers, and dependencies
+2. **Map AWS Services** — Map AWS services to Azure equivalents (see [lambda-to-functions.md](lambda-to-functions.md))
+3. **Map Properties** — Map Lambda properties to Azure Functions properties
+4. **Check Dependencies** — List 3rd-party libraries and verify Azure compatibility
+5. **Analyze Code** — Check language support and runtime differences
+6. **Map Triggers** — Identify equivalent Azure Functions triggers
+7. **Map Deployment** — Identify equivalent Azure deployment strategies (CLI, Bicep, azd)
+8. **Review CI/CD** — Check pipeline compatibility with Azure DevOps or GitHub Actions
+9. **Map Monitoring** — Map CloudWatch → Application Insights / Azure Monitor
+
+## Code Preview
+
+During assessment, show a **sneak peek** of what the migrated Azure Functions code will look like for each function. Use bindings and triggers (not SDKs) in all previews, following Azure Functions best practices. **Always use the newest generally available (GA) language runtime listed in the Azure Functions supported languages documentation** in previews (for example, the latest Node.js LTS or newest Python GA version). This helps the user understand the migration scope before committing to code migration.
+
+> ⚠️ **Binding-first rule**: Code previews MUST use `input.storageBlob()`, `output.storageBlob()`, `app.storageQueue()`, etc. instead of `BlobServiceClient`, `QueueClient`, or other SDK clients. Only use SDK for services that have no binding equivalent.
+
+## Architecture Diagrams
+
+Generate two diagrams:
+1. **Current State** — AWS Lambda architecture with triggers and integrations
+2. **Target State** — Azure Functions architecture showing equivalent structure
+
+## Assessment Report Format
+
+> ⚠️ **MANDATORY**: Use these exact section headings in every assessment report. Do NOT rename, reorder, or omit sections.
+
+The report MUST be saved as `migration-assessment-report.md` inside the output directory (`<aws-folder>-azure/`).
+
+```markdown
+# Migration Assessment Report
+
+## 1. Executive Summary
+
+| Property | Value |
+|----------|-------|
+| **Total Functions** | <count> |
+| **Source Platform** | AWS Lambda |
+| **Source Runtime** | <runtime and version> |
+| **Target Platform** | Azure Functions |
+| **Target Runtime** | <runtime and version> |
+| **Migration Readiness** | <High / Medium / Low> |
+| **Estimated Effort** | <Low / Medium / High> |
+| **Assessment Date** | <date> |
+
+## 2. Functions Inventory
+
+| # | Function Name | Runtime | Trigger Type | Memory (MB) | Timeout (s) | Description |
+|---|--------------|---------|-------------- |-------------|-------------|-------------|
+| 1 | | | | | | |
+
+## 3. Service Mapping
+
+| AWS Service | Azure Equivalent | Migration Complexity | Notes |
+|-------------|------------------|----------------------|-------|
+| Lambda | Azure Functions | | |
+| API Gateway | Azure Functions HTTP Trigger / APIM | | |
+| S3 | Azure Blob Storage | | |
+| DynamoDB | Cosmos DB | | |
+| SQS | Service Bus / Storage Queue | | |
+| SNS | Event Grid | | |
+| CloudWatch | Application Insights / Azure Monitor | | |
+| IAM Roles | Managed Identity + RBAC | | |
+| CloudFormation / SAM | Bicep / ARM Templates | | |
+
+## 4. Trigger & Binding Mapping
+
+| # | Function Name | AWS Trigger | Azure Trigger | AWS Inputs/Outputs | Azure Bindings | Notes |
+|---|--------------|-------------|---------------|--------------------| ---------------|-------|
+| 1 | | | | | | |
+
+## 5. Dependencies Analysis
+
+| # | Package/Library | Version | AWS-Specific? | Azure Equivalent | Compatible? | Notes |
+|---|----------------|---------|---------------|------------------|-------------|-------|
+| 1 | | | | | | |
+
+## 6. Environment Variables & Configuration
+
+| # | AWS Variable | Purpose | Azure Equivalent | Auth Method | Notes |
+|---|-------------|---------|------------------|-------------|-------|
+| 1 | | | | Managed Identity / App Setting | |
+
+## 7. Architecture Diagrams
+
+### 7a. Current State (AWS)
+
+<!-- Mermaid or ASCII diagram of AWS Lambda architecture -->
+
+### 7b. Target State (Azure)
+
+<!-- Mermaid or ASCII diagram of Azure Functions architecture -->
+
+## 8. IAM & Security Mapping
+
+| AWS IAM Role/Policy | Azure RBAC Role | Scope | Notes |
+|---------------------|-----------------|-------|-------|
+| | | | |
+
+## 9. Monitoring & Observability Mapping
+
+| AWS Service | Azure Equivalent | Migration Notes |
+|-------------|------------------|-----------------|
+| CloudWatch Logs | Application Insights | |
+| CloudWatch Metrics | Azure Monitor Metrics | |
+| CloudWatch Alarms | Azure Monitor Alerts | |
+| X-Ray | Application Insights (distributed tracing) | |
+
+## 10. CI/CD & Deployment Mapping
+
+| AWS Tool | Azure Equivalent | Notes |
+|----------|------------------|-------|
+| SAM CLI | Azure Functions Core Tools / azd | |
+| CloudFormation | Bicep / ARM Templates | |
+| CodePipeline | Azure DevOps Pipelines / GitHub Actions | |
+| CodeBuild | Azure DevOps Build / GitHub Actions | |
+
+## 11. Project Structure Comparison
+
+| AWS Lambda Structure | Azure Functions Structure |
+|---------------------|--------------------------|
+| `template.yaml` (SAM) | `host.json` |
+| `handler.js / handler.py` | `src/app.js` / `src/function_app.py` |
+| `requirements.txt` / `package.json` | `requirements.txt` / `package.json` |
+| Per-function directories (optional) | Single entry point (v4 JS / v2 Python) |
+| `event` object | Trigger-specific parameter |
+| `context` object | `InvocationContext` |
+
+## 12. Recommendations
+
+1. **Runtime**: <recommended Azure Functions runtime and version>
+2. **Hosting Plan**: <Flex Consumption / Premium>
+3. **IaC Strategy**: <Bicep with azd / Terraform / ARM>
+4. **Auth Strategy**: <Managed Identity for all service-to-service>
+5. **Monitoring**: <Application Insights + Azure Monitor>
+
+## 13. Next Steps
+
+- [ ] Review and approve this assessment report
+- [ ] Proceed to code migration (azure-cloud-migrate Phase 2)
+- [ ] Hand off to azure-prepare for IaC generation
+```
+
+> 💡 **Tip:** Use `mcp_azure_mcp_get_bestpractices` tool to learn Azure Functions project structure best practices for the comparison.
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/code-migration.md b/plugin/skills/azure-cloud-migrate/references/services/functions/code-migration.md
new file mode 100644
index 00000000..8cab61f9
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/code-migration.md
@@ -0,0 +1,138 @@
+# Code Migration Phase
+
+Migrate AWS Lambda function code to Azure Functions.
+
+## Prerequisites
+
+- Assessment report completed
+- Azure Functions extension installed in VS Code
+- Best practices loaded via `mcp_azure_mcp_get_bestpractices` tool
+
+## Rules
+
+- If runtime is Python or Node.js: **do NOT create function.json files**
+- If runtime is .NET (in-process or isolated) or Java: **do NOT hand-author function.json** — bindings metadata is generated from attributes/annotations at build time
+- Use extension bundle version `[4.*, 5.0.0)` in host.json
+- Use latest programming model (v4 for JavaScript, v2 for Python)
+- **Always use bindings and triggers instead of SDKs** — For blob read/write, use `input.storageBlob()` / `output.storageBlob()` with `extraInputs`/`extraOutputs`. For queues, use `app.storageQueue()` or `app.serviceBusQueue()`. Only use SDK when there is no equivalent binding (e.g., Azure AI, custom HTTP calls)
+- **Always use the latest supported language runtime** — Consult [supported languages](https://learn.microsoft.com/en-us/azure/azure-functions/supported-languages) and select the newest GA version. Do NOT default to an older LTS version when a newer version is available on Azure Functions.
+
+## Steps
+
+1. **Install Azure Functions Extension** — Ensure VS Code extension is installed
+2. **Load Best Practices** — Use `mcp_azure_mcp_get_bestpractices` tool for code generation guidance
+3. **Create Project Structure** — Set up the Azure Functions project inside the output directory (`<aws-folder>-azure/`). Do NOT create files inside the original AWS directory
+4. **Migrate Functions** — Convert each Lambda function to Azure Functions equivalent
+5. **Update Dependencies** — Replace AWS SDKs with Azure SDKs in package.json / requirements.txt
+6. **Configure Bindings** — Set up triggers and bindings inline (v4 JS / v2 Python)
+7. **Configure Environment** — Map Lambda env vars to Azure Functions app settings
+8. **Add Error Handling** — Ensure proper error handling in all functions
+
+## Key Configuration Files
+
+### host.json
+
+```json
+{
+  "version": "2.0",
+  "extensionBundle": {
+    "id": "Microsoft.Azure.Functions.ExtensionBundle",
+    "version": "[4.*, 5.0.0)"
+  },
+  "extensions": {
+    "queues": {
+      "maxPollingInterval": "00:00:02",
+      "visibilityTimeout": "00:00:30",
+      "batchSize": 1,
+      "maxDequeueCount": 5
+    }
+  },
+  "logging": {
+    "applicationInsights": {
+      "samplingSettings": {
+        "isEnabled": true,
+        "excludedTypes": "Request"
+      }
+    }
+  }
+}
+```
+
+## Critical Infrastructure Dependencies
+
+### Blob Trigger with EventGrid Source — Additional Requirements
+
+When migrating S3 event triggers to Azure blob triggers with `source: 'EventGrid'`, the following infrastructure must be configured **at the IaC level** (not code level). Failure to set these up results in silent trigger failures.
+
+| Requirement | Why | Consequence of Missing |
+|------------|-----|----------------------|
+| **Queue endpoint** (`AzureWebJobsStorage__queueServiceUri`) | Blob extension uses queues internally for poison-message tracking with EventGrid source | Function fails to index: "Unable to find matching constructor...QueueServiceClient" |
+| **Always-ready instances** (Flex Consumption only) | Blob trigger group must be running to register the Event Grid webhook | Trigger group never starts → webhook never registered → events never delivered |
+| **Event Grid subscription via Bicep/ARM** | CLI-based webhook validation handshake times out on Flex Consumption | Use `listKeys()` in Bicep to obtain the `blobs_extension` system key at deployment time |
+| **Storage Queue Data Contributor** RBAC | Identity-based queue access for poison messages | 403 errors during blob trigger indexing |
+
+See [lambda-to-functions.md](lambda-to-functions.md#flex-consumption--blob-trigger-with-eventgrid-source) for Bicep patterns.
+
+### UAMI Credential Pattern
+
+When using User Assigned Managed Identity (UAMI), `DefaultAzureCredential()` without arguments tries System Assigned first and fails. Always pass the client ID:
+
+```javascript
+const credential = new DefaultAzureCredential({
+  managedIdentityClientId: process.env.AZURE_CLIENT_ID
+});
+```
+
+Add `AZURE_CLIENT_ID` as an app setting in Bicep pointing to the UAMI client ID.
+
+### azd init Workaround for Non-Empty Directories
+
+`azd init --template <template>` refuses to run in a non-empty directory. Use a temp-directory approach:
+
+1. `azd init --template <template>` in an empty temp directory
+2. Copy IaC files (`infra/`, `azure.yaml`, etc.) into the project root
+3. Clean up the temp directory
+
+### package.json (JavaScript)
+
+```json
+{
+  "dependencies": {
+    "@azure/functions": "^4.0.0",
+    "@azure/identity": "<latest>"
+  },
+  "devDependencies": {
+    "@azure/functions-core-tools": "^4",
+    "jest": "<latest>"
+  }
+}
+```
+
+## Runtime-Specific Trigger & Binding Patterns
+
+Load the appropriate runtime reference for the target language:
+
+| Runtime | Reference |
+|---------|----------|
+| JavaScript (Node.js v4) | [runtimes/javascript.md](runtimes/javascript.md) |
+| TypeScript (v4) | [runtimes/typescript.md](runtimes/typescript.md) |
+| Python (v2) | [runtimes/python.md](runtimes/python.md) |
+| C# (Isolated Worker) | [runtimes/csharp.md](runtimes/csharp.md) |
+| Java | [runtimes/java.md](runtimes/java.md) |
+| PowerShell | [runtimes/powershell.md](runtimes/powershell.md) |
+
+## Scenario-Specific Guidance
+
+See [lambda-to-functions.md](lambda-to-functions.md) for detailed trigger mapping, code patterns, and examples.
+
+## Handoff to azure-prepare
+
+After code migration is complete:
+
+1. Update `migration-status.md` — mark Code Migration as ✅ Complete
+2. Invoke **azure-prepare** — pass the assessment report context so it can:
+   - Use the service mapping as requirements input (skips manual gather-requirements)
+   - Generate IaC (Bicep/Terraform) for the mapped Azure services
+   - Create `azure.yaml` and `.azure/preparation-manifest.md`
+   - Apply security hardening
+3. azure-prepare will then chain to **azure-validate** → **azure-deploy**
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/global-rules.md b/plugin/skills/azure-cloud-migrate/references/services/functions/global-rules.md
new file mode 100644
index 00000000..ef534ff8
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/global-rules.md
@@ -0,0 +1,51 @@
+# Global Rules
+
+These rules apply to ALL phases of the migration skill.
+
+## Destructive Action Policy
+
+⛔ **NEVER** perform destructive actions without explicit user confirmation via `ask_user`:
+- Deleting files or directories
+- Overwriting existing code
+- Deploying to production environments
+- Modifying existing Azure resources
+- Removing AWS resources
+
+## User Confirmation Required
+
+Always use `ask_user` before:
+- Selecting Azure subscription
+- Selecting Azure region/location
+- Deploying infrastructure
+- Making breaking changes to existing code
+
+## Best Practices
+
+- Always use `mcp_azure_mcp_get_bestpractices` tool before generating Azure code
+- Prefer managed identity over connection strings
+- **Always use the latest supported language runtime** — check [supported languages](https://learn.microsoft.com/en-us/azure/azure-functions/supported-languages) for the newest GA version. Never default to older versions
+- **Always prefer bindings over SDKs** — use `input.storageBlob()`, `output.storageBlob()`, `app.storageQueue()`, etc. instead of `BlobServiceClient`, `QueueClient`, or other SDK clients. Only use SDK when no binding exists for the service
+- Follow Azure naming conventions
+- Use Flex Consumption hosting plan for new Functions
+
+## Identity-First Authentication (Zero API Keys)
+
+> Enterprise subscriptions commonly enforce policies that block local auth. Always design for identity-based access from the start.
+
+- **Storage accounts**: Set `allowSharedKeyAccess: false`. Use identity-based connections with `AzureWebJobsStorage__credential`, `__clientId`, and service-specific URIs (`__blobServiceUri`, `__queueServiceUri`, etc.)
+- **Cognitive Services**: Set `disableLocalAuth: true`. Use UAMI + RBAC role (e.g., Cognitive Services User) instead of API keys
+- **Application Insights**: Set `disableLocalAuth: true`. Use `APPLICATIONINSIGHTS_AUTHENTICATION_STRING` with `ClientId=<uamiClientId>;Authorization=AAD`
+- **DefaultAzureCredential with UAMI**: When using User Assigned Managed Identity, always pass `managedIdentityClientId` explicitly:
+  ```javascript
+  const credential = new DefaultAzureCredential({
+    managedIdentityClientId: process.env.AZURE_CLIENT_ID
+  });
+  ```
+  Without this, `DefaultAzureCredential` tries SystemAssigned first and fails. Add `AZURE_CLIENT_ID` as an app setting mapped to the UAMI client ID.
+
+## Flex Consumption Specifics
+
+- **Always-ready for non-HTTP triggers**: Blob trigger groups on Flex Consumption require `alwaysReady: [{ name: "blob", instanceCount: 1 }]` to bootstrap the trigger listener. Without it, the trigger group never starts and Event Grid subscriptions are never auto-created (chicken-and-egg problem)
+- **Blob trigger with EventGrid source requires queue endpoint**: The blob extension internally uses queues for poison-message tracking. Must include `AzureWebJobsStorage__queueServiceUri` even when using blob trigger (not queue trigger)
+- **Event Grid subscriptions via Bicep/ARM only**: Do NOT create Event Grid event subscriptions via CLI — webhook validation fails on Flex Consumption with "response code Unknown". Deploy as Bicep resources using `listKeys()` to resolve the `blobs_extension` system key at deployment time
+- **azd init on non-empty directories**: `azd init --template` refuses non-empty directories. Use temp directory approach: init in temp, copy template infrastructure files back
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/lambda-to-functions.md b/plugin/skills/azure-cloud-migrate/references/services/functions/lambda-to-functions.md
new file mode 100644
index 00000000..9c2e741b
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/lambda-to-functions.md
@@ -0,0 +1,266 @@
+# AWS Lambda to Azure Functions Migration
+
+Detailed guidance for migrating AWS Lambda functions to Azure Functions.
+
+## Overview
+
+| AWS Service | Azure Equivalent |
+|-------------|------------------|
+| Lambda | Azure Functions |
+| API Gateway | Azure Functions HTTP Trigger / API Management |
+| S3 | Azure Blob Storage |
+| S3 Event | Azure Blob Storage + Event Grid |
+| DynamoDB | Cosmos DB |
+| SQS | Azure Service Bus / Storage Queue |
+| SNS | Azure Event Grid |
+| EventBridge | Azure Event Grid |
+| CloudWatch | Application Insights / Azure Monitor |
+| IAM Roles | Managed Identity + Azure RBAC |
+| CloudFormation / SAM | Bicep / ARM Templates |
+| Rekognition | Azure AI Computer Vision (Image Analysis) |
+
+## Programming Model Mapping
+
+| AWS Lambda | Azure Functions |
+|------------|-----------------|
+| `exports.handler` | `app.http()`, `app.storageBlob()`, etc. (v4) |
+| `event` object | `request` / `blob` / trigger-specific param |
+| `context` object | `context` (InvocationContext) |
+| `callback` | Return value |
+| `function.json` (v1-v3) | Inline bindings in code (v4 JS, v2 Python) |
+
+## Trigger Mapping
+
+| AWS Trigger | Azure Trigger | Notes |
+|-------------|---------------|-------|
+| API Gateway (REST/HTTP) | `app.http()` | Direct equivalent |
+| S3 Event | `app.storageBlob()` | Use `source: 'EventGrid'` for reliability |
+| SQS | `app.storageQueue()` or `app.serviceBusQueue()` | Service Bus for advanced scenarios |
+| SNS | `app.eventGrid()` | Event Grid is push-based |
+| EventBridge | `app.eventGrid()` | Map event patterns to filters |
+| CloudWatch Events (Scheduled) | `app.timer()` | NCRONTAB expressions |
+| DynamoDB Streams | Cosmos DB Change Feed trigger | Via `app.cosmosDB()` |
+
+## Runtime-Specific Migration Patterns
+
+For language-specific migration rules, correct/incorrect patterns, and code examples, see the runtime reference for the target language:
+
+| Runtime | Migration Patterns |
+|---------|-------------------|
+| JavaScript (Node.js v4) | [runtimes/javascript.md — Lambda Migration Rules](runtimes/javascript.md#lambda-migration-rules) |
+| Python (v2) | [runtimes/python.md — Lambda Migration Rules](runtimes/python.md#lambda-migration-rules) |
+| TypeScript (v4) | [runtimes/typescript.md](runtimes/typescript.md) |
+| C# (Isolated Worker) | [runtimes/csharp.md](runtimes/csharp.md) |
+| Java | [runtimes/java.md](runtimes/java.md) |
+| PowerShell | [runtimes/powershell.md](runtimes/powershell.md) |
+
+## Project Structure
+
+```
+REQUIRED for Azure Functions:
+src/
+├── app.js (or function_app.py)   # Main entry point
+├── host.json                      # Function host configuration
+├── local.settings.json            # Local development settings
+├── package.json (or requirements.txt)
+├── [helper-modules]               # Business logic
+└── tests/                         # Test files
+
+❌ NEVER create:
+├── [functionName]/                # No individual function directories
+│   ├── function.json              # No function.json (JS v4, Python v2)
+│   └── index.js
+```
+
+## Environment Variables
+
+```
+✅ Use managed identity connections for Azure Functions storage:
+   AzureWebJobsStorage__blobServiceUri
+   AzureWebJobsStorage__queueServiceUri
+   AzureWebJobsStorage__tableServiceUri
+
+✅ Use specific endpoint variables for other services:
+   COMPUTER_VISION_ENDPOINT
+   STORAGE_ACCOUNT_URL
+   SOURCE_CONTAINER_NAME
+
+❌ Avoid:
+   CONNECTION_STRING (use managed identity)
+   API_KEY (use managed identity)
+```
+
+## Reference Links
+
+- [AWS Lambda vs Azure Functions comparison](https://aka.ms/AWSLambda)
+- [AWS to Azure services comparison](https://learn.microsoft.com/en-us/azure/architecture/aws-professional/)
+- [Supported language runtimes](https://learn.microsoft.com/en-us/azure/azure-functions/supported-languages)
+- [Triggers and bindings overview](https://learn.microsoft.com/en-us/azure/azure-functions/functions-triggers-bindings)
+- [Functions quickstart JS (azd)](https://github.com/Azure-Samples/functions-quickstart-javascript-azd/tree/main/infra)
+- [Functions quickstart .NET Event Grid (azd)](https://github.com/Azure-Samples/functions-quickstart-dotnet-azd-eventgrid-blob/tree/main/infra)
+
+## Flex Consumption + Blob Trigger with EventGrid Source
+
+> **⚠️ CRITICAL**: When deploying blob triggers with `source: 'EventGrid'` on Flex Consumption, there are three infrastructure requirements that are NOT automatically handled and will cause silent trigger failures if missed.
+
+### 1. Always-Ready Instances (Bootstrap Problem)
+
+On Flex Consumption, trigger groups only start when there's work to do. But the blob extension needs to be running to create the Event Grid subscription that would deliver work — a chicken-and-egg problem.
+
+**Solution**: Configure `alwaysReady` for the blob trigger group in the function app's `scaleAndConcurrency`:
+
+```bicep
+// In api.bicep — functionAppConfig section
+scaleAndConcurrency: {
+  alwaysReady: [
+    {
+      name: 'blob'
+      instanceCount: 1
+    }
+  ]
+  instanceMemoryMB: 2048
+  maximumInstanceCount: 100
+}
+```
+
+Without this, the trigger group never starts → Event Grid subscription never gets created → no events are delivered → function never triggers.
+
+### 2. Queue Endpoint Required
+
+The blob extension internally uses Storage Queues for poison-message tracking when `source: 'EventGrid'` is configured. Without the queue endpoint, the function fails to index with:
+
+```
+Unable to find matching constructor while trying to create an instance of QueueServiceClient.
+Expected: serviceUri. Found: credential, clientId, blobServiceUri
+```
+
+**Solution**: Always enable the queue endpoint alongside blob when using EventGrid source:
+
+```bicep
+// In identity-based storage configuration
+AzureWebJobsStorage__blobServiceUri: storageAccount.properties.primaryEndpoints.blob
+AzureWebJobsStorage__queueServiceUri: storageAccount.properties.primaryEndpoints.queue  // REQUIRED for EventGrid source
+AzureWebJobsStorage__credential: 'managedidentity'
+AzureWebJobsStorage__clientId: managedIdentityClientId
+```
+
+Also assign **Storage Queue Data Contributor** RBAC role to the UAMI.
+
+### 3. Event Grid Subscription via Bicep (Not CLI)
+
+Do **NOT** create Event Grid event subscriptions via CLI. The `az eventgrid system-topic event-subscription create` command requires a webhook validation handshake that consistently fails on Flex Consumption with "response code Unknown" (timeout during cold start).
+
+**Solution**: Deploy the Event Grid system topic and event subscription as Bicep resources. ARM handles the webhook validation internally and reliably:
+
+```bicep
+// eventGrid.bicep
+resource systemTopic 'Microsoft.EventGrid/systemTopics@2024-06-01-preview' = {
+  name: 'evgt-${storageAccountName}'
+  location: location
+  properties: {
+    source: storageAccount.id
+    topicType: 'Microsoft.Storage.StorageAccounts'
+  }
+}
+
+resource eventSubscription 'Microsoft.EventGrid/systemTopics/eventSubscriptions@2024-06-01-preview' = {
+  parent: systemTopic
+  name: 'blob-trigger-sub'
+  properties: {
+    destination: {
+      endpointType: 'WebHook'
+      properties: {
+        // ARM resolves system key and handles validation at deployment time
+        endpointUrl: 'https://${functionApp.properties.defaultHostName}/runtime/webhooks/blobs?functionName=${functionName}&code=${listKeys('${functionApp.id}/host/default', '2023-12-01').systemKeys.blobs_extension}'
+      }
+    }
+    filter: {
+      includedEventTypes: [ 'Microsoft.Storage.BlobCreated' ]
+      subjectBeginsWith: '/blobServices/default/containers/${sourceContainerName}/'
+    }
+  }
+}
+```
+
+**RBAC requirement**: Assign **EventGrid EventSubscription Contributor** role to the UAMI.
+
+## User Assigned Managed Identity (UAMI) Auth Patterns
+
+### DefaultAzureCredential with UAMI
+
+When using UAMI, `DefaultAzureCredential()` without arguments tries SystemAssigned first and fails. Always pass the client ID:
+
+```javascript
+const { DefaultAzureCredential } = require('@azure/identity');
+
+const credential = new DefaultAzureCredential({
+  managedIdentityClientId: process.env.AZURE_CLIENT_ID
+});
+```
+
+Add `AZURE_CLIENT_ID` as an app setting pointing to the UAMI client ID:
+
+```bicep
+appSettings: {
+  AZURE_CLIENT_ID: managedIdentity.outputs.clientId
+}
+```
+
+### Identity-Linked Storage Connection
+
+```bicep
+AzureWebJobsStorage__credential: 'managedidentity'
+AzureWebJobsStorage__clientId: managedIdentityClientId
+AzureWebJobsStorage__blobServiceUri: storageAccount.properties.primaryEndpoints.blob
+AzureWebJobsStorage__queueServiceUri: storageAccount.properties.primaryEndpoints.queue
+```
+
+### Required RBAC Roles for Face Blur Pattern
+
+| Role | Scope | Purpose |
+|------|-------|---------|
+| Storage Blob Data Owner | Storage Account | Read source blobs, write destination blobs |
+| Storage Queue Data Contributor | Storage Account | Poison-message queue for blob extension |
+| EventGrid EventSubscription Contributor | Resource Group | Create/manage Event Grid subscriptions |
+| Cognitive Services User | Cognitive Services Account | Call Computer Vision API |
+| Monitoring Metrics Publisher | Application Insights | Emit telemetry |
+
+## AWS Rekognition → Azure AI Computer Vision
+
+| AWS | Azure |
+|-----|-------|
+| `@aws-sdk/client-rekognition` | `@azure-rest/ai-vision-image-analysis` |
+| `DetectFaces` | Image Analysis `People` feature |
+| `FaceDetails[].BoundingBox` (relative 0-1) | `peopleResult.values[].boundingBox` (pixel coordinates) |
+
+> **⚠️ Package version**: `@azure-rest/ai-vision-image-analysis` is still in beta. The `^1.0.0` semver does NOT resolve. Pin explicitly: `"@azure-rest/ai-vision-image-analysis": "1.0.0-beta.3"`
+
+### Coordinate Conversion
+
+AWS Rekognition returns relative coordinates (0-1). Azure AI returns pixel coordinates. Convert for consistent face processing:
+
+```javascript
+const sharp = require('sharp');
+const metadata = await sharp(imageBuffer).metadata();
+
+const faces = result.body.peopleResult.values.map(person => ({
+  BoundingBox: {
+    Width: person.boundingBox.width / metadata.width,
+    Height: person.boundingBox.height / metadata.height,
+    Left: person.boundingBox.x / metadata.width,
+    Top: person.boundingBox.y / metadata.height
+  }
+}));
+```
+
+### Auth: Use UAMI (No API Keys)
+
+```bicep
+// computerVision.bicep
+resource computerVision 'Microsoft.CognitiveServices/accounts@2024-10-01' = {
+  kind: 'ComputerVision'
+  properties: {
+    disableLocalAuth: true  // Enterprise policy compliance — no API keys
+  }
+}
+```
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/csharp.md b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/csharp.md
new file mode 100644
index 00000000..2bad66aa
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/csharp.md
@@ -0,0 +1,225 @@
+# C# — Azure Functions Isolated Worker Model Triggers & Bindings
+
+> **Model**: .NET isolated worker model (recommended). Uses attributes on methods/parameters.
+> Import: `using Microsoft.Azure.Functions.Worker;`
+
+## HTTP Trigger
+
+```csharp
+[Function("HttpFunction")]
+public static HttpResponseData Run(
+    [HttpTrigger(AuthorizationLevel.Anonymous, "get", "post")] HttpRequestData req,
+    FunctionContext context)
+{
+    var response = req.CreateResponse(HttpStatusCode.OK);
+    response.WriteString("Hello!");
+    return response;
+}
+```
+
+## Blob Storage
+
+```csharp
+// Trigger (EventGrid source)
+[Function("BlobTrigger")]
+public static void Run(
+    [BlobTrigger("samples-workitems/{name}", Source = BlobTriggerSource.EventGrid,
+     Connection = "AzureWebJobsStorage")] string blobContent,
+    string name, FunctionContext context)
+{
+    context.GetLogger("BlobTrigger").LogInformation($"Blob: {name}");
+}
+
+// Input
+[BlobInput("input/{name}", Connection = "AzureWebJobsStorage")] string inputBlob
+
+// Output
+[BlobOutput("output/{name}", Connection = "AzureWebJobsStorage")] out string outputBlob
+```
+
+## Queue Storage
+
+```csharp
+// Trigger
+[Function("QueueTrigger")]
+public static void Run(
+    [QueueTrigger("myqueue-items", Connection = "AzureWebJobsStorage")] string message,
+    FunctionContext context)
+{
+    context.GetLogger("Queue").LogInformation($"Message: {message}");
+}
+
+// Output (via return type)
+[Function("QueueOutput")]
+[QueueOutput("outqueue", Connection = "AzureWebJobsStorage")]
+public static string Run(
+    [HttpTrigger(AuthorizationLevel.Anonymous, "post")] HttpRequestData req)
+{
+    return "queue message";
+}
+```
+
+## Timer
+
+```csharp
+[Function("TimerFunction")]
+public static void Run(
+    [TimerTrigger("0 */5 * * * *")] TimerInfo timer,
+    FunctionContext context)
+{
+    context.GetLogger("Timer").LogInformation($"Last: {timer.ScheduleStatus?.Last}");
+}
+```
+
+## Event Grid
+
+```csharp
+// Trigger
+[Function("EventGridTrigger")]
+public static void Run(
+    [EventGridTrigger] EventGridEvent eventGridEvent,
+    FunctionContext context)
+{
+    context.GetLogger("EG").LogInformation($"Event: {eventGridEvent.Subject}");
+}
+
+// Output
+[EventGridOutput(TopicEndpointUri = "MyTopicUri", TopicKeySetting = "MyTopicKey")]
+```
+
+## Cosmos DB
+
+```csharp
+// Trigger (Change Feed)
+[Function("CosmosDBTrigger")]
+public static void Run(
+    [CosmosDBTrigger("mydb", "mycontainer",
+     Connection = "CosmosDBConnection",
+     CreateLeaseContainerIfNotExists = true)] IReadOnlyList<MyDocument> documents,
+    FunctionContext context)
+{
+    foreach (var doc in documents)
+        context.GetLogger("Cosmos").LogInformation($"Doc: {doc.Id}");
+}
+
+// Input
+[CosmosDBInput("mydb", "mycontainer", Connection = "CosmosDBConnection",
+ Id = "{id}", PartitionKey = "{partitionKey}")] MyDocument doc
+
+// Output
+[CosmosDBOutput("mydb", "mycontainer", Connection = "CosmosDBConnection")]
+```
+
+## Service Bus
+
+```csharp
+// Queue Trigger
+[Function("SBQueueTrigger")]
+public static void Run(
+    [ServiceBusTrigger("myqueue", Connection = "ServiceBusConnection")] string message,
+    FunctionContext context)
+{
+    context.GetLogger("SB").LogInformation($"Message: {message}");
+}
+
+// Topic Trigger
+[Function("SBTopicTrigger")]
+public static void Run(
+    [ServiceBusTrigger("mytopic", "mysubscription",
+     Connection = "ServiceBusConnection")] string message,
+    FunctionContext context)
+{
+    context.GetLogger("SB").LogInformation($"Topic: {message}");
+}
+
+// Output
+[ServiceBusOutput("outqueue", Connection = "ServiceBusConnection")]
+```
+
+## Event Hubs
+
+```csharp
+// Trigger
+[Function("EventHubTrigger")]
+public static void Run(
+    [EventHubTrigger("myeventhub", Connection = "EventHubConnection")] EventData[] events,
+    FunctionContext context)
+{
+    foreach (var e in events)
+        context.GetLogger("EH").LogInformation($"Event: {e.EventBody}");
+}
+
+// Output
+[EventHubOutput("outeventhub", Connection = "EventHubConnection")]
+```
+
+## Table Storage
+
+```csharp
+// Input
+[TableInput("mytable", "{partitionKey}", "{rowKey}",
+ Connection = "AzureWebJobsStorage")] TableEntity entity
+
+// Output
+[TableOutput("mytable", Connection = "AzureWebJobsStorage")]
+```
+
+## SQL
+
+```csharp
+// Trigger
+[Function("SqlTrigger")]
+public static void Run(
+    [SqlTrigger("dbo.MyTable", "SqlConnection")] IReadOnlyList<SqlChange<MyItem>> changes,
+    FunctionContext context)
+{
+    foreach (var change in changes)
+        context.GetLogger("SQL").LogInformation($"Change: {change.Item.Id}");
+}
+
+// Input
+[SqlInput("SELECT * FROM dbo.MyTable WHERE Id = @Id",
+ "SqlConnection", parameters: "@Id={id}")] IEnumerable<MyItem> items
+
+// Output
+[SqlOutput("dbo.MyTable", "SqlConnection")]
+```
+
+## SignalR
+
+```csharp
+// Output
+[SignalROutput(HubName = "myhub", ConnectionStringSetting = "AzureSignalRConnectionString")]
+```
+
+## SendGrid
+
+```csharp
+[SendGridOutput(ApiKey = "SendGridApiKey", From = "noreply@example.com")]
+```
+
+## Multiple Outputs
+
+```csharp
+// Use a custom return type for multiple outputs
+public class MultiOutput
+{
+    [QueueOutput("outqueue", Connection = "AzureWebJobsStorage")]
+    public string QueueMessage { get; set; }
+
+    public HttpResponseData HttpResponse { get; set; }
+}
+
+[Function("MultiOutput")]
+public static MultiOutput Run(
+    [HttpTrigger(AuthorizationLevel.Anonymous, "post")] HttpRequestData req)
+{
+    return new MultiOutput
+    {
+        QueueMessage = "new item",
+        HttpResponse = req.CreateResponse(HttpStatusCode.OK)
+    };
+}
+```
+
+> Full reference: [Azure Functions C# isolated worker guide](https://learn.microsoft.com/en-us/azure/azure-functions/dotnet-isolated-process-guide)
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/java.md b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/java.md
new file mode 100644
index 00000000..9a264cb4
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/java.md
@@ -0,0 +1,214 @@
+# Java — Azure Functions Triggers & Bindings
+
+> **Model**: Java annotation-based model. Uses `@FunctionName` and trigger/binding annotations.
+> Import: `com.microsoft.azure.functions.*` and `com.microsoft.azure.functions.annotation.*`
+
+## HTTP Trigger
+
+```java
+@FunctionName("HttpFunction")
+public HttpResponseMessage run(
+    @HttpTrigger(name = "req", methods = {HttpMethod.GET, HttpMethod.POST},
+                 authLevel = AuthorizationLevel.ANONYMOUS) HttpRequestMessage<Optional<String>> request,
+    final ExecutionContext context) {
+    String name = request.getQueryParameters().get("name");
+    return request.createResponseBuilder(HttpStatus.OK).body("Hello, " + name).build();
+}
+```
+
+## Blob Storage
+
+```java
+// Trigger
+@FunctionName("BlobTrigger")
+public void run(
+    @BlobTrigger(name = "blob", path = "samples-workitems/{name}",
+                 connection = "AzureWebJobsStorage") byte[] content,
+    @BindingName("name") String name,
+    final ExecutionContext context) {
+    context.getLogger().info("Blob: " + name + ", Size: " + content.length);
+}
+
+// Input
+@BlobInput(name = "inputBlob", path = "input/{name}", connection = "AzureWebJobsStorage")
+
+// Output
+@BlobOutput(name = "outputBlob", path = "output/{name}-out", connection = "AzureWebJobsStorage")
+```
+
+## Queue Storage
+
+```java
+// Trigger
+@FunctionName("QueueTrigger")
+public void run(
+    @QueueTrigger(name = "message", queueName = "myqueue-items",
+                  connection = "AzureWebJobsStorage") String message,
+    final ExecutionContext context) {
+    context.getLogger().info("Queue message: " + message);
+}
+
+// Output
+@QueueOutput(name = "output", queueName = "outqueue", connection = "AzureWebJobsStorage")
+```
+
+## Timer
+
+```java
+@FunctionName("TimerFunction")
+public void run(
+    @TimerTrigger(name = "timer", schedule = "0 */5 * * * *") String timerInfo,
+    final ExecutionContext context) {
+    context.getLogger().info("Timer triggered");
+}
+```
+
+## Event Grid
+
+```java
+// Trigger
+@FunctionName("EventGridTrigger")
+public void run(
+    @EventGridTrigger(name = "event") EventGridEvent event,
+    final ExecutionContext context) {
+    context.getLogger().info("Event: " + event.subject());
+}
+
+// Output
+@EventGridOutput(name = "output", topicEndpointUri = "MyTopicUri",
+                 topicKeySetting = "MyTopicKey")
+```
+
+## Cosmos DB
+
+```java
+// Trigger (Change Feed)
+@FunctionName("CosmosDBTrigger")
+public void run(
+    @CosmosDBTrigger(name = "documents", databaseName = "mydb",
+                     containerName = "mycontainer", connection = "CosmosDBConnection",
+                     createLeaseContainerIfNotExists = true) String[] documents,
+    final ExecutionContext context) {
+    for (String doc : documents) context.getLogger().info("Doc: " + doc);
+}
+
+// Input
+@CosmosDBInput(name = "doc", databaseName = "mydb", containerName = "mycontainer",
+               connection = "CosmosDBConnection", id = "{id}", partitionKey = "{pk}")
+
+// Output
+@CosmosDBOutput(name = "newdoc", databaseName = "mydb", containerName = "mycontainer",
+                connection = "CosmosDBConnection")
+```
+
+## Service Bus
+
+```java
+// Queue Trigger
+@FunctionName("SBQueueTrigger")
+public void run(
+    @ServiceBusQueueTrigger(name = "message", queueName = "myqueue",
+                            connection = "ServiceBusConnection") String message,
+    final ExecutionContext context) {
+    context.getLogger().info("Message: " + message);
+}
+
+// Topic Trigger
+@FunctionName("SBTopicTrigger")
+public void run(
+    @ServiceBusTopicTrigger(name = "message", topicName = "mytopic",
+                            subscriptionName = "mysubscription",
+                            connection = "ServiceBusConnection") String message,
+    final ExecutionContext context) {
+    context.getLogger().info("Topic: " + message);
+}
+
+// Output
+@ServiceBusQueueOutput(name = "output", queueName = "outqueue",
+                       connection = "ServiceBusConnection")
+```
+
+## Event Hubs
+
+```java
+// Trigger
+@FunctionName("EventHubTrigger")
+public void run(
+    @EventHubTrigger(name = "event", eventHubName = "myeventhub",
+                     connection = "EventHubConnection", cardinality = Cardinality.MANY) List<String> events,
+    final ExecutionContext context) {
+    events.forEach(e -> context.getLogger().info("Event: " + e));
+}
+
+// Output
+@EventHubOutput(name = "output", eventHubName = "outeventhub",
+                connection = "EventHubConnection")
+```
+
+## Table Storage
+
+```java
+// Input
+@TableInput(name = "entity", tableName = "mytable", partitionKey = "{pk}",
+            rowKey = "{rk}", connection = "AzureWebJobsStorage")
+
+// Output
+@TableOutput(name = "output", tableName = "mytable", connection = "AzureWebJobsStorage")
+```
+
+## SQL
+
+```java
+// Trigger
+@FunctionName("SqlTrigger")
+public void run(
+    @SqlTrigger(name = "changes", tableName = "dbo.MyTable",
+                connectionStringSetting = "SqlConnection") SqlChange[] changes,
+    final ExecutionContext context) {
+    for (SqlChange change : changes) context.getLogger().info("Change: " + change);
+}
+
+// Input
+@SqlInput(name = "items", commandText = "SELECT * FROM dbo.MyTable WHERE Id = @Id",
+          commandType = "Text", parameters = "@Id={id}",
+          connectionStringSetting = "SqlConnection")
+
+// Output
+@SqlOutput(name = "output", commandText = "dbo.MyTable",
+           connectionStringSetting = "SqlConnection")
+```
+
+## SignalR
+
+```java
+@SignalROutput(name = "signalr", hubName = "myhub",
+               connectionStringSetting = "AzureSignalRConnectionString")
+```
+
+## SendGrid
+
+```java
+@SendGridOutput(name = "mail", apiKey = "SendGridApiKey",
+                from = "noreply@example.com", to = "{email}")
+```
+
+## Multiple Outputs
+
+Java uses `OutputBinding<T>` for additional outputs:
+
+```java
+@FunctionName("MultiOutput")
+public HttpResponseMessage run(
+    @HttpTrigger(name = "req", methods = {HttpMethod.POST},
+                 authLevel = AuthorizationLevel.ANONYMOUS) HttpRequestMessage<String> request,
+    @QueueOutput(name = "output", queueName = "outqueue",
+                 connection = "AzureWebJobsStorage") OutputBinding<String> queueOutput,
+    final ExecutionContext context) {
+    queueOutput.setValue("new item");
+    return request.createResponseBuilder(HttpStatus.OK).body("Processed").build();
+}
+```
+
+> **Note**: Java uses `function.json` generated at build time by the Maven plugin — you don't write them manually.
+
+> Full reference: [Azure Functions Java developer guide](https://learn.microsoft.com/en-us/azure/azure-functions/functions-reference-java)
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/javascript.md b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/javascript.md
new file mode 100644
index 00000000..6e603477
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/javascript.md
@@ -0,0 +1,325 @@
+# JavaScript (Node.js) — Azure Functions v4 Triggers & Bindings
+
+> **Model**: JavaScript v4 programming model. **NO** `function.json` files.
+> Import: `const { app, input, output } = require('@azure/functions');`
+
+## Lambda Migration Rules
+
+> Shared rules (bindings over SDKs, latest runtime, identity-first auth) → [global-rules.md](../global-rules.md)
+
+JS-specific:
+- Use `extraInputs` / `extraOutputs` with binding path expressions (e.g., `{queueTrigger}`) for dynamic blob I/O
+- Access metadata via `context.triggerMetadata`
+- `package.json`: `"@azure/functions": "^4.0.0"`
+
+### Correct Migration Pattern
+
+```javascript
+const { app, input, output } = require('@azure/functions');
+
+// Use bindings for blob I/O instead of BlobServiceClient SDK
+const blobInput = input.storageBlob({
+  path: 'source-container/{queueTrigger}',
+  connection: 'AzureWebJobsStorage'
+});
+
+const blobOutput = output.storageBlob({
+  path: 'destination-container/{queueTrigger}',
+  connection: 'AzureWebJobsStorage'
+});
+
+app.storageQueue('processImage', {
+  queueName: 'image-processing',
+  connection: 'AzureWebJobsStorage',
+  extraInputs: [blobInput],
+  extraOutputs: [blobOutput],
+  handler: async (queueItem, context) => {
+    const sourceBlob = context.extraInputs.get(blobInput);
+    context.log(`Processing blob: ${queueItem}`);
+    // Process the blob...
+    context.extraOutputs.set(blobOutput, processedBuffer);
+  }
+});
+```
+
+> ❌ Do NOT use legacy v1-v3 `module.exports` — always use `app.*()` registration.
+
+## HTTP Trigger
+
+```javascript
+app.http('httpFunction', {
+  methods: ['GET', 'POST'],
+  authLevel: 'anonymous',
+  handler: async (request, context) => {
+    const name = request.query.get('name') || (await request.text());
+    return { body: `Hello, ${name}!` };
+  }
+});
+```
+
+## Blob Storage
+
+```javascript
+// Trigger (use EventGrid source for reliability)
+app.storageBlob('blobTrigger', {
+  path: 'samples-workitems/{name}',
+  connection: 'AzureWebJobsStorage',
+  source: 'EventGrid',
+  handler: async (blob, context) => {
+    context.log(`Blob: ${context.triggerMetadata.name}, Size: ${blob.length}`);
+  }
+});
+
+// Input binding
+const blobInput = input.storageBlob({
+  path: 'samples-workitems/{queueTrigger}',
+  connection: 'AzureWebJobsStorage'
+});
+
+// Output binding
+const blobOutput = output.storageBlob({
+  path: 'samples-output/{name}-out',
+  connection: 'AzureWebJobsStorage'
+});
+```
+
+> **⚠️ Flex Consumption + EventGrid Source Requirements:**
+> When using `source: 'EventGrid'` on a Flex Consumption plan, three infrastructure requirements MUST be met or the trigger will silently fail:
+>
+> 1. **Always-ready instances**: Configure `alwaysReady: [{ name: 'blob', instanceCount: 1 }]` in Bicep. Without this, the trigger group never starts and the Event Grid webhook endpoint is never registered.
+> 2. **Queue endpoint**: Set `AzureWebJobsStorage__queueServiceUri` in app settings. The blob extension uses queues internally for poison-message tracking with EventGrid source, even though you're not using a queue trigger.
+> 3. **Event Grid subscription via Bicep/ARM**: Do NOT create event subscriptions via CLI — webhook validation times out on Flex Consumption. Deploy as a Bicep resource using `listKeys()` to obtain the `blobs_extension` system key.
+>
+> See [lambda-to-functions.md](../lambda-to-functions.md#flex-consumption--blob-trigger-with-eventgrid-source) for full Bicep patterns.
+
+### Using Azure AI Services with UAMI
+
+When calling Azure AI services (Computer Vision, etc.) from a function, use `DefaultAzureCredential` with explicit UAMI client ID:
+
+```javascript
+const { DefaultAzureCredential } = require('@azure/identity');
+const createClient = require('@azure-rest/ai-vision-image-analysis').default;
+
+const credential = new DefaultAzureCredential({
+  managedIdentityClientId: process.env.AZURE_CLIENT_ID  // Required for UAMI
+});
+const client = createClient(process.env.COMPUTER_VISION_ENDPOINT, credential);
+
+const result = await client.path('/imageanalysis:analyze').post({
+  body: { url: blobUrl },
+  queryParameters: { features: ['People'] }  // Use 'People' for face detection
+});
+```
+
+> **Note**: `@azure-rest/ai-vision-image-analysis` is still in beta. Pin explicitly: `"1.0.0-beta.3"` — the `^1.0.0` semver range does NOT resolve.
+
+## Queue Storage
+
+```javascript
+// Trigger
+app.storageQueue('queueTrigger', {
+  queueName: 'myqueue-items',
+  connection: 'AzureWebJobsStorage',
+  handler: async (queueItem, context) => {
+    context.log('Queue item:', queueItem);
+  }
+});
+
+// Output
+const queueOutput = output.storageQueue({
+  queueName: 'outqueue',
+  connection: 'AzureWebJobsStorage'
+});
+```
+
+## Timer
+
+```javascript
+app.timer('timerFunction', {
+  schedule: '0 */5 * * * *', // Every 5 minutes (NCRONTAB)
+  handler: async (myTimer, context) => {
+    context.log('Timer fired at:', myTimer.scheduleStatus.last);
+  }
+});
+```
+
+## Event Grid
+
+```javascript
+// Trigger
+app.eventGrid('eventGridTrigger', {
+  handler: async (event, context) => {
+    context.log('Event:', event.subject, event.eventType);
+  }
+});
+
+// Output
+const eventGridOutput = output.eventGrid({
+  topicEndpointUri: 'MyEventGridTopicUriSetting',
+  topicKeySetting: 'MyEventGridTopicKeySetting'
+});
+```
+
+## Cosmos DB
+
+```javascript
+// Trigger (Change Feed)
+app.cosmosDB('cosmosDBTrigger', {
+  connectionStringSetting: 'CosmosDBConnection',
+  databaseName: 'mydb',
+  containerName: 'mycontainer',
+  createLeaseContainerIfNotExists: true,
+  handler: async (documents, context) => {
+    documents.forEach(doc => context.log('Changed doc:', doc.id));
+  }
+});
+
+// Input
+const cosmosInput = input.cosmosDB({
+  connectionStringSetting: 'CosmosDBConnection',
+  databaseName: 'mydb',
+  containerName: 'mycontainer',
+  id: '{id}',
+  partitionKey: '{partitionKey}'
+});
+
+// Output
+const cosmosOutput = output.cosmosDB({
+  connectionStringSetting: 'CosmosDBConnection',
+  databaseName: 'mydb',
+  containerName: 'mycontainer'
+});
+```
+
+## Service Bus
+
+```javascript
+// Queue Trigger
+app.serviceBusQueue('sbQueueTrigger', {
+  queueName: 'myqueue',
+  connection: 'ServiceBusConnection',
+  handler: async (message, context) => {
+    context.log('Message:', message);
+  }
+});
+
+// Topic Trigger
+app.serviceBusTopic('sbTopicTrigger', {
+  topicName: 'mytopic',
+  subscriptionName: 'mysubscription',
+  connection: 'ServiceBusConnection',
+  handler: async (message, context) => {
+    context.log('Topic message:', message);
+  }
+});
+
+// Output
+const sbOutput = output.serviceBusQueue({
+  queueName: 'outqueue',
+  connection: 'ServiceBusConnection'
+});
+```
+
+## Event Hubs
+
+```javascript
+// Trigger
+app.eventHub('eventHubTrigger', {
+  eventHubName: 'myeventhub',
+  connection: 'EventHubConnection',
+  cardinality: 'many',
+  handler: async (events, context) => {
+    events.forEach(event => context.log('Event:', event));
+  }
+});
+
+// Output
+const ehOutput = output.eventHub({
+  eventHubName: 'outeventhub',
+  connection: 'EventHubConnection'
+});
+```
+
+## Table Storage
+
+```javascript
+// Input
+const tableInput = input.table({
+  tableName: 'mytable',
+  partitionKey: '{partitionKey}',
+  rowKey: '{rowKey}',
+  connection: 'AzureWebJobsStorage'
+});
+
+// Output
+const tableOutput = output.table({
+  tableName: 'mytable',
+  connection: 'AzureWebJobsStorage'
+});
+```
+
+## SQL
+
+```javascript
+// Trigger
+app.generic('sqlTrigger', {
+  trigger: { type: 'sqlTrigger', tableName: 'dbo.MyTable', connectionStringSetting: 'SqlConnection' },
+  handler: async (changes, context) => {
+    changes.forEach(change => context.log('Change:', change));
+  }
+});
+
+// Input
+const sqlInput = input.sql({
+  commandText: 'SELECT * FROM dbo.MyTable WHERE Id = @Id',
+  commandType: 'Text',
+  parameters: '@Id={id}',
+  connectionStringSetting: 'SqlConnection'
+});
+
+// Output
+const sqlOutput = output.sql({
+  commandText: 'dbo.MyTable',
+  connectionStringSetting: 'SqlConnection'
+});
+```
+
+## SignalR
+
+```javascript
+// Output
+const signalROutput = output.generic({
+  type: 'signalR',
+  hubName: 'myhub',
+  connectionStringSetting: 'AzureSignalRConnectionString'
+});
+```
+
+## SendGrid
+
+```javascript
+const sendGridOutput = output.generic({
+  type: 'sendGrid',
+  apiKey: 'SendGridApiKey',
+  from: 'noreply@example.com',
+  to: '{email}'
+});
+```
+
+## Using Bindings with Functions
+
+```javascript
+// Combine trigger with input/output bindings
+app.http('processItem', {
+  methods: ['POST'],
+  extraInputs: [cosmosInput],
+  extraOutputs: [queueOutput],
+  handler: async (request, context) => {
+    const doc = context.extraInputs.get(cosmosInput);
+    context.extraOutputs.set(queueOutput, JSON.stringify(doc));
+    return { body: 'Processed' };
+  }
+});
+```
+
+> Full reference: [Azure Functions JavaScript developer guide](https://learn.microsoft.com/en-us/azure/azure-functions/functions-reference-node)
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/powershell.md b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/powershell.md
new file mode 100644
index 00000000..50e0213e
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/powershell.md
@@ -0,0 +1,221 @@
+# PowerShell — Azure Functions Triggers & Bindings
+
+> **Model**: PowerShell uses `function.json` for binding definitions + `run.ps1` for handler code.
+> Each function lives in its own directory: `<FunctionName>/function.json` + `run.ps1`
+
+## Project Structure
+
+```
+src/
+├── host.json
+├── local.settings.json
+├── requirements.psd1
+├── profile.ps1
+├── HttpFunction/
+│   ├── function.json
+│   └── run.ps1
+└── TimerFunction/
+    ├── function.json
+    └── run.ps1
+```
+
+## HTTP Trigger
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "authLevel": "anonymous", "type": "httpTrigger", "direction": "in",
+      "name": "Request", "methods": ["get", "post"] },
+    { "type": "http", "direction": "out", "name": "Response" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($Request, $TriggerMetadata)
+$name = $Request.Query.Name
+Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+    StatusCode = [HttpStatusCode]::OK
+    Body = "Hello, $name!"
+})
+```
+
+## Blob Storage
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "InputBlob", "type": "blobTrigger", "direction": "in",
+      "path": "samples-workitems/{name}", "connection": "AzureWebJobsStorage" },
+    { "name": "OutputBlob", "type": "blob", "direction": "out",
+      "path": "output/{name}", "connection": "AzureWebJobsStorage" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($InputBlob, $TriggerMetadata)
+Write-Host "Blob: $($TriggerMetadata.Name), Size: $($InputBlob.Length)"
+Push-OutputBinding -Name OutputBlob -Value $InputBlob
+```
+
+## Queue Storage
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "QueueItem", "type": "queueTrigger", "direction": "in",
+      "queueName": "myqueue-items", "connection": "AzureWebJobsStorage" },
+    { "name": "OutputQueue", "type": "queue", "direction": "out",
+      "queueName": "outqueue", "connection": "AzureWebJobsStorage" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($QueueItem, $TriggerMetadata)
+Write-Host "Queue message: $QueueItem"
+Push-OutputBinding -Name OutputQueue -Value "Processed: $QueueItem"
+```
+
+## Timer
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "Timer", "type": "timerTrigger", "direction": "in",
+      "schedule": "0 */5 * * * *" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($Timer)
+Write-Host "Timer triggered at: $(Get-Date)"
+```
+
+## Event Grid
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "EventGridEvent", "type": "eventGridTrigger", "direction": "in" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($EventGridEvent, $TriggerMetadata)
+Write-Host "Event: $($EventGridEvent.subject) - $($EventGridEvent.eventType)"
+```
+
+## Cosmos DB
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "Documents", "type": "cosmosDBTrigger", "direction": "in",
+      "connectionStringSetting": "CosmosDBConnection", "databaseName": "mydb",
+      "containerName": "mycontainer", "createLeaseContainerIfNotExists": true },
+    { "name": "OutputDoc", "type": "cosmosDB", "direction": "out",
+      "connectionStringSetting": "CosmosDBConnection", "databaseName": "mydb",
+      "containerName": "outcontainer" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($Documents, $TriggerMetadata)
+foreach ($doc in $Documents) {
+    Write-Host "Changed doc: $($doc.id)"
+}
+```
+
+## Service Bus
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "Message", "type": "serviceBusTrigger", "direction": "in",
+      "queueName": "myqueue", "connection": "ServiceBusConnection" },
+    { "name": "OutputMessage", "type": "serviceBus", "direction": "out",
+      "queueName": "outqueue", "connection": "ServiceBusConnection" }
+  ]
+}
+```
+
+**run.ps1:**
+```powershell
+param($Message, $TriggerMetadata)
+Write-Host "Message: $Message"
+Push-OutputBinding -Name OutputMessage -Value "Processed: $Message"
+```
+
+## Event Hubs
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "Events", "type": "eventHubTrigger", "direction": "in",
+      "eventHubName": "myeventhub", "connection": "EventHubConnection",
+      "cardinality": "many" }
+  ]
+}
+```
+
+## Table Storage
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "TableEntity", "type": "table", "direction": "in",
+      "tableName": "mytable", "partitionKey": "{pk}", "rowKey": "{rk}",
+      "connection": "AzureWebJobsStorage" },
+    { "name": "TableOut", "type": "table", "direction": "out",
+      "tableName": "mytable", "connection": "AzureWebJobsStorage" }
+  ]
+}
+```
+
+## SQL
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "Changes", "type": "sqlTrigger", "direction": "in",
+      "tableName": "dbo.MyTable", "connectionStringSetting": "SqlConnection" }
+  ]
+}
+```
+
+## SendGrid
+
+**function.json:**
+```json
+{
+  "bindings": [
+    { "name": "Mail", "type": "sendGrid", "direction": "out",
+      "apiKey": "SendGridApiKey", "from": "noreply@example.com" }
+  ]
+}
+```
+
+> **Note**: PowerShell always requires `function.json` — it does not support inline binding definitions.
+
+> Full reference: [Azure Functions PowerShell developer guide](https://learn.microsoft.com/en-us/azure/azure-functions/functions-reference-powershell)
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/python.md b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/python.md
new file mode 100644
index 00000000..6921b95b
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/python.md
@@ -0,0 +1,199 @@
+# Python — Azure Functions v2 Triggers & Bindings
+
+> **Model**: Python v2 programming model. **NO** `function.json` files.
+> Entry point: `function_app.py`
+> Import: `import azure.functions as func`
+
+## Lambda Migration Rules
+
+> Shared rules (bindings over SDKs, latest runtime, identity-first auth) → [global-rules.md](../global-rules.md)
+
+Python-specific: all functions use the v2 decorator model shown throughout this file. No additional migration rules beyond global.
+
+## HTTP Trigger
+
+```python
+@app.route(route="hello", methods=["GET", "POST"], auth_level=func.AuthLevel.ANONYMOUS)
+def http_function(req: func.HttpRequest) -> func.HttpResponse:
+    name = req.params.get('name') or req.get_body().decode()
+    return func.HttpResponse(f"Hello, {name}!")
+```
+
+## Blob Storage
+
+```python
+# Trigger (use EventGrid source)
+@app.blob_trigger(arg_name="myblob", path="samples-workitems/{name}",
+                  connection="AzureWebJobsStorage", source="EventGrid")
+def blob_trigger(myblob: func.InputStream):
+    logging.info(f"Blob: {myblob.name}, Size: {myblob.length}")
+
+# Input
+@app.blob_input(arg_name="inputblob", path="input/{name}", connection="AzureWebJobsStorage")
+
+# Output
+@app.blob_output(arg_name="outputblob", path="output/{name}", connection="AzureWebJobsStorage")
+```
+
+## Queue Storage
+
+```python
+# Trigger
+@app.queue_trigger(arg_name="msg", queue_name="myqueue-items",
+                   connection="AzureWebJobsStorage")
+def queue_trigger(msg: func.QueueMessage):
+    logging.info(f"Queue message: {msg.get_body().decode()}")
+
+# Output
+@app.queue_output(arg_name="outputmsg", queue_name="outqueue",
+                  connection="AzureWebJobsStorage")
+```
+
+## Timer
+
+```python
+@app.timer_trigger(schedule="0 */5 * * * *", arg_name="mytimer",
+                   run_on_startup=False)
+def timer_function(mytimer: func.TimerRequest):
+    logging.info("Timer triggered")
+```
+
+## Event Grid
+
+```python
+# Trigger
+@app.event_grid_trigger(arg_name="event")
+def eventgrid_trigger(event: func.EventGridEvent):
+    logging.info(f"Event: {event.subject} - {event.event_type}")
+
+# Output
+@app.event_grid_output(arg_name="outputEvent",
+                       topic_endpoint_uri="MyEventGridTopicUriSetting",
+                       topic_key_setting="MyEventGridTopicKeySetting")
+```
+
+## Cosmos DB
+
+```python
+# Trigger (Change Feed)
+@app.cosmos_db_trigger_v3(arg_name="documents",
+                          connection="CosmosDBConnection",
+                          database_name="mydb",
+                          container_name="mycontainer",
+                          create_lease_container_if_not_exists=True)
+def cosmosdb_trigger(documents: func.DocumentList):
+    for doc in documents:
+        logging.info(f"Changed doc: {doc['id']}")
+
+# Input
+@app.cosmos_db_input(arg_name="doc", connection="CosmosDBConnection",
+                     database_name="mydb", container_name="mycontainer",
+                     id="{id}", partition_key="{partitionKey}")
+
+# Output
+@app.cosmos_db_output(arg_name="newdoc", connection="CosmosDBConnection",
+                      database_name="mydb", container_name="mycontainer")
+```
+
+## Service Bus
+
+```python
+# Queue Trigger
+@app.service_bus_queue_trigger(arg_name="msg", queue_name="myqueue",
+                               connection="ServiceBusConnection")
+def sb_queue_trigger(msg: func.ServiceBusMessage):
+    logging.info(f"Message: {msg.get_body().decode()}")
+
+# Topic Trigger
+@app.service_bus_topic_trigger(arg_name="msg", topic_name="mytopic",
+                                subscription_name="mysubscription",
+                                connection="ServiceBusConnection")
+def sb_topic_trigger(msg: func.ServiceBusMessage):
+    logging.info(f"Topic message: {msg.get_body().decode()}")
+
+# Output
+@app.service_bus_queue_output(arg_name="outmsg", queue_name="outqueue",
+                              connection="ServiceBusConnection")
+```
+
+## Event Hubs
+
+```python
+# Trigger
+@app.event_hub_message_trigger(arg_name="event", event_hub_name="myeventhub",
+                                connection="EventHubConnection",
+                                cardinality="many")
+def eventhub_trigger(event: func.EventHubEvent):
+    logging.info(f"Event: {event.get_body().decode()}")
+
+# Output
+@app.event_hub_output(arg_name="outevent", event_hub_name="outeventhub",
+                      connection="EventHubConnection")
+```
+
+## Table Storage
+
+```python
+# Input
+@app.table_input(arg_name="tableEntity", table_name="mytable",
+                 partition_key="{partitionKey}", row_key="{rowKey}",
+                 connection="AzureWebJobsStorage")
+
+# Output
+@app.table_output(arg_name="tableOut", table_name="mytable",
+                  connection="AzureWebJobsStorage")
+```
+
+## SQL
+
+```python
+# Trigger
+@app.sql_trigger(arg_name="changes", table_name="dbo.MyTable",
+                 connection_string_setting="SqlConnection")
+def sql_trigger(changes: func.SqlRowList):
+    for change in changes:
+        logging.info(f"Change: {change}")
+
+# Input
+@app.sql_input(arg_name="items",
+               command_text="SELECT * FROM dbo.MyTable WHERE Id = @Id",
+               command_type="Text", parameters="@Id={id}",
+               connection_string_setting="SqlConnection")
+
+# Output
+@app.sql_output(arg_name="newitem", command_text="dbo.MyTable",
+                connection_string_setting="SqlConnection")
+```
+
+## SignalR
+
+```python
+@app.generic_output_binding(arg_name="signalr", type="signalR",
+                             hub_name="myhub",
+                             connection_string_setting="AzureSignalRConnectionString")
+```
+
+## SendGrid
+
+```python
+@app.generic_output_binding(arg_name="mail", type="sendGrid",
+                             api_key="SendGridApiKey",
+                             from_address="noreply@example.com")
+```
+
+## Combining Decorators
+
+```python
+@app.route(route="process", methods=["POST"])
+@app.cosmos_db_input(arg_name="doc", connection="CosmosDBConnection",
+                     database_name="mydb", container_name="mycontainer",
+                     id="{id}", partition_key="{pk}")
+@app.queue_output(arg_name="outmsg", queue_name="outqueue",
+                  connection="AzureWebJobsStorage")
+def process_item(req: func.HttpRequest, doc: func.DocumentList,
+                 outmsg: func.Out[str]) -> func.HttpResponse:
+    outmsg.set(doc[0].to_json())
+    return func.HttpResponse("Processed")
+```
+
+> Full reference: [Azure Functions Python developer guide](https://learn.microsoft.com/en-us/azure/azure-functions/functions-reference-python)
diff --git a/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/typescript.md b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/typescript.md
new file mode 100644
index 00000000..9230f319
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/services/functions/runtimes/typescript.md
@@ -0,0 +1,119 @@
+# TypeScript — Azure Functions v4 Triggers & Bindings
+
+> **Model**: Node.js v4 programming model (TypeScript). Same as JavaScript v4 with type annotations.
+> **NO** `function.json` files.
+> Import: `import { app, HttpRequest, HttpResponseInit, InvocationContext, input, output } from '@azure/functions';`
+
+TypeScript uses the same `app.*()` registration as JavaScript. See [javascript.md](javascript.md) for all trigger/binding patterns. Below are TypeScript-specific type signatures.
+
+## HTTP Trigger
+
+```typescript
+import { app, HttpRequest, HttpResponseInit, InvocationContext } from '@azure/functions';
+
+app.http('httpFunction', {
+  methods: ['GET', 'POST'],
+  authLevel: 'anonymous',
+  handler: async (request: HttpRequest, context: InvocationContext): Promise<HttpResponseInit> => {
+    const name = request.query.get('name') || (await request.text());
+    return { body: `Hello, ${name}!` };
+  }
+});
+```
+
+## Blob Storage Trigger
+
+```typescript
+import { app, InvocationContext } from '@azure/functions';
+
+app.storageBlob('blobTrigger', {
+  path: 'samples-workitems/{name}',
+  connection: 'AzureWebJobsStorage',
+  source: 'EventGrid',
+  handler: async (blob: Buffer, context: InvocationContext): Promise<void> => {
+    context.log(`Blob: ${context.triggerMetadata.name}, Size: ${blob.length}`);
+  }
+});
+```
+
+## Queue Storage Trigger
+
+```typescript
+app.storageQueue('queueTrigger', {
+  queueName: 'myqueue-items',
+  connection: 'AzureWebJobsStorage',
+  handler: async (queueItem: unknown, context: InvocationContext): Promise<void> => {
+    context.log('Queue item:', queueItem);
+  }
+});
+```
+
+## Timer Trigger
+
+```typescript
+import { app, InvocationContext, Timer } from '@azure/functions';
+
+app.timer('timerFunction', {
+  schedule: '0 */5 * * * *',
+  handler: async (myTimer: Timer, context: InvocationContext): Promise<void> => {
+    context.log('Timer fired at:', myTimer.scheduleStatus?.last);
+  }
+});
+```
+
+## Cosmos DB Trigger
+
+```typescript
+app.cosmosDB('cosmosDBTrigger', {
+  connectionStringSetting: 'CosmosDBConnection',
+  databaseName: 'mydb',
+  containerName: 'mycontainer',
+  createLeaseContainerIfNotExists: true,
+  handler: async (documents: unknown[], context: InvocationContext): Promise<void> => {
+    documents.forEach(doc => context.log('Changed doc:', doc));
+  }
+});
+```
+
+## Service Bus Queue Trigger
+
+```typescript
+app.serviceBusQueue('sbQueueTrigger', {
+  queueName: 'myqueue',
+  connection: 'ServiceBusConnection',
+  handler: async (message: unknown, context: InvocationContext): Promise<void> => {
+    context.log('Message:', message);
+  }
+});
+```
+
+## Event Grid Trigger
+
+```typescript
+import { app, EventGridEvent, InvocationContext } from '@azure/functions';
+
+app.eventGrid('eventGridTrigger', {
+  handler: async (event: EventGridEvent, context: InvocationContext): Promise<void> => {
+    context.log('Event:', event.subject, event.eventType);
+  }
+});
+```
+
+## Event Hubs Trigger
+
+```typescript
+app.eventHub('eventHubTrigger', {
+  eventHubName: 'myeventhub',
+  connection: 'EventHubConnection',
+  cardinality: 'many',
+  handler: async (events: unknown[], context: InvocationContext): Promise<void> => {
+    events.forEach(event => context.log('Event:', event));
+  }
+});
+```
+
+## Input/Output Bindings
+
+TypeScript uses the same `input.*()` and `output.*()` helpers as JavaScript. See [javascript.md](javascript.md) for full binding examples — all patterns are identical with added type annotations.
+
+> Full reference: [Azure Functions TypeScript developer guide](https://learn.microsoft.com/en-us/azure/azure-functions/functions-reference-node?tabs=typescript)
diff --git a/plugin/skills/azure-cloud-migrate/references/workflow-details.md b/plugin/skills/azure-cloud-migrate/references/workflow-details.md
new file mode 100644
index 00000000..e5ffa38a
--- /dev/null
+++ b/plugin/skills/azure-cloud-migrate/references/workflow-details.md
@@ -0,0 +1,26 @@
+# Workflow Details
+
+## Status Tracking
+
+Maintain a `migration-status.md` file in the output directory (`<source-folder>-azure/`):
+
+```markdown
+# Migration Status
+| Phase | Status | Notes |
+|-------|--------|-------|
+| Assessment | ⬜ Not Started | |
+| Code Migration | ⬜ Not Started | |
+```
+
+Update status: ⬜ Not Started → 🔄 In Progress → ✅ Complete → ❌ Failed
+
+## Error Handling
+
+| Error | Cause | Remediation |
+|-------|-------|-------------|
+| Unsupported runtime | Source runtime not available in target Azure service | Check target service's supported languages documentation |
+| Missing service mapping | Source service has no direct Azure equivalent | Use closest Azure alternative, document in assessment |
+| Code migration failure | Incompatible patterns or dependencies | Review scenario-specific guide in [lambda-to-functions.md](services/functions/lambda-to-functions.md) |
+| `azd init` refuses non-empty directory | azd requires clean directory for template init | Use temp directory approach: init in empty dir, copy files back |
+
+> For scenario-specific errors (e.g., Azure Functions binding issues, trigger configuration), see the error table in the corresponding scenario reference.
diff --git a/plugin/skills/azure-prepare/SKILL.md b/plugin/skills/azure-prepare/SKILL.md
index 003374cd..ea4c7bf4 100644
--- a/plugin/skills/azure-prepare/SKILL.md
+++ b/plugin/skills/azure-prepare/SKILL.md
@@ -1,6 +1,6 @@
 ---
 name: azure-prepare
-description: "Default entry point for Azure application development. Analyzes your project and prepares it for Azure deployment by generating infrastructure code (Bicep/Terraform), azure.yaml, and Dockerfiles. WHEN: \"create an app\", \"build a web app\", \"create API\", \"create frontend\", \"create backend\", \"add a feature\", \"build a service\", \"develop a project\", \"migrate my app\", \"modernize my code\", \"update my application\", \"add database\", \"add authentication\", \"add caching\", \"deploy to Azure\", \"host on Azure\", \"Azure with terraform\", \"Azure with azd\", \"generate azure.yaml\", \"generate Bicep\", \"generate Terraform\", \"create Azure Functions app\", \"create serverless HTTP API\", \"create function app\", \"create event-driven function\", \"create and deploy to Azure\", \"create Azure Functions and deploy\", \"create function app and deploy\"."
+description: "Default entry point for Azure application development EXCEPT cross-cloud migration — use azure-cloud-migrate instead. Analyzes your project and prepares it for Azure deployment by generating infrastructure code (Bicep/Terraform), azure.yaml, and Dockerfiles. WHEN: \"create an app\", \"build a web app\", \"create API\", \"create frontend\", \"create backend\", \"add a feature\", \"build a service\", \"develop a project\", \"modernize my code\", \"update my application\", \"add database\", \"add authentication\", \"add caching\", \"deploy to Azure\", \"host on Azure\", \"Azure with terraform\", \"Azure with azd\", \"generate azure.yaml\", \"generate Bicep\", \"generate Terraform\", \"create Azure Functions app\", \"create serverless HTTP API\", \"create function app\", \"create event-driven function\", \"create and deploy to Azure\", \"create Azure Functions and deploy\", \"create function app and deploy\"."
 ---
 
 # Azure Prepare
@@ -17,7 +17,7 @@ Activate this skill when user wants to:
 - Create a new application
 - Add services or components to an existing app
 - Make updates or changes to existing application
-- Modernize or migrate an application
+- Modernize an application
 - Set up Azure infrastructure
 - Deploy to Azure or host on Azure
 
diff --git a/plugin/skills/azure-prepare/references/analyze.md b/plugin/skills/azure-prepare/references/analyze.md
index d5a5abcb..e29b74f1 100644
--- a/plugin/skills/azure-prepare/references/analyze.md
+++ b/plugin/skills/azure-prepare/references/analyze.md
@@ -39,7 +39,9 @@ What does the user want to do?
 │   ├── Has azure.yaml/infra? → Mode: MODIFY
 │   └── No Azure config? → Mode: MODERNIZE (add Azure support first)
 │
-└── Migrate/modernize for Azure → Mode: MODERNIZE
+└── Migrate/modernize for Azure
+    ├── Cross-cloud migration (AWS/GCP/Lambda)? → **Invoke azure-cloud-migrate skill** (do NOT continue in azure-prepare)
+    └── On-prem or generic modernization → Mode: MODERNIZE
 ```
 
 ## Mode: NEW
diff --git a/plugin/skills/azure-prepare/references/specialized-routing.md b/plugin/skills/azure-prepare/references/specialized-routing.md
index 7cb15105..e0e23907 100644
--- a/plugin/skills/azure-prepare/references/specialized-routing.md
+++ b/plugin/skills/azure-prepare/references/specialized-routing.md
@@ -4,10 +4,13 @@
 
 ## Prompt-Based Routing Table
 
-| User prompt mentions | Invoke skill FIRST | Then resume azure-prepare at |
-|---------------------|--------------------|-----------------------------|
-| copilot SDK, copilot app, copilot-powered, @github/copilot-sdk, CopilotClient, sendAndWait, copilot-sdk-service | **azure-hosted-copilot-sdk** | Phase 1 Step 4 (Select Recipe) |
-| Azure Functions, function app, serverless function, timer trigger, HTTP trigger, queue trigger, func new, func start | Stay in **azure-prepare** | Phase 1 Step 4 (Select Recipe) — prefer Azure Functions templates |
+> **⚠️ PRIORITY RULE**: Check rows **top to bottom**. The first match wins. If the prompt mentions **AWS Lambda migration or AWS Lambda**, invoke **azure-cloud-migrate** even if Azure Functions are also mentioned.
+
+| Priority | User prompt mentions | Invoke skill FIRST | Then resume azure-prepare at |
+|----------|---------------------|--------------------|-----------------------------|
+| **1 (highest)** | Lambda, AWS Lambda, migrate AWS, migrate GCP, Lambda to Functions, migrate from AWS, migrate from GCP | **azure-cloud-migrate** | Phase 1 Step 4 (Select Recipe) — azure-cloud-migrate does assessment + code conversion, then azure-prepare takes over for infrastructure, local testing, or deployment |
+| 2 | copilot SDK, copilot app, copilot-powered, @github/copilot-sdk, CopilotClient, sendAndWait, copilot-sdk-service | **azure-hosted-copilot-sdk** | Phase 1 Step 4 (Select Recipe) |
+| 3 (lowest) | Azure Functions, function app, serverless function, timer trigger, HTTP trigger, queue trigger, func new, func start | Stay in **azure-prepare** | Phase 1 Step 4 (Select Recipe) — prefer Azure Functions templates |
 
 > ⚠️ This checks the user's **prompt text**, not just existing code. Essential for greenfield projects where there is no codebase to scan.
 
diff --git a/tests/azure-cloud-migrate/__snapshots__/triggers.test.ts.snap b/tests/azure-cloud-migrate/__snapshots__/triggers.test.ts.snap
new file mode 100644
index 00000000..7e44b126
--- /dev/null
+++ b/tests/azure-cloud-migrate/__snapshots__/triggers.test.ts.snap
@@ -0,0 +1,67 @@
+// Jest Snapshot v1, https://goo.gl/fbAQLP
+
+exports[`azure-cloud-migrate - Trigger Tests Trigger Keywords Snapshot skill description triggers match snapshot 1`] = `
+{
+  "description": "Assess and migrate cross-cloud workloads to Azure. Generates assessment reports and converts code from AWS, GCP, or other providers to Azure services. WHEN: "migrate Lambda to Azure Functions", "migrate AWS to Azure", "Lambda migration assessment", "convert s AWS erverless to Azure", "migration readiness report", "migrate from AWS", "migrate from GCP", "cross-cloud migration".",
+  "extractedKeywords": [
+    "assess",
+    "assessment",
+    "azure",
+    "cloud",
+    "code",
+    "convert",
+    "converts",
+    "cross-cloud",
+    "deploy",
+    "erverless",
+    "from",
+    "function",
+    "functions",
+    "generates",
+    "lambda",
+    "mcp",
+    "migrate",
+    "migration",
+    "other",
+    "providers",
+    "readiness",
+    "report",
+    "reports",
+    "services",
+    "when",
+    "workloads",
+  ],
+  "name": "azure-cloud-migrate",
+}
+`;
+
+exports[`azure-cloud-migrate - Trigger Tests Trigger Keywords Snapshot skill keywords match snapshot 1`] = `
+[
+  "assess",
+  "assessment",
+  "azure",
+  "cloud",
+  "code",
+  "convert",
+  "converts",
+  "cross-cloud",
+  "deploy",
+  "erverless",
+  "from",
+  "function",
+  "functions",
+  "generates",
+  "lambda",
+  "mcp",
+  "migrate",
+  "migration",
+  "other",
+  "providers",
+  "readiness",
+  "report",
+  "reports",
+  "services",
+  "when",
+  "workloads",
+]
+`;
diff --git a/tests/azure-cloud-migrate/integration.test.ts b/tests/azure-cloud-migrate/integration.test.ts
new file mode 100644
index 00000000..14e6e328
--- /dev/null
+++ b/tests/azure-cloud-migrate/integration.test.ts
@@ -0,0 +1,106 @@
+/**
+ * Integration Tests for azure-cloud-migrate
+ *
+ * Tests skill behavior with a real Copilot agent session.
+ *
+ * Prerequisites:
+ * 1. npm install -g @github/copilot-cli
+ * 2. Run `copilot` and authenticate
+ */
+ 
+import {
+  shouldSkipIntegrationTests,
+  getIntegrationSkipReason,
+  useAgentRunner,
+  isSkillInvoked
+} from "../utils/agent-runner";
+import { cloneRepo } from "../utils/git-clone";
+import { expectFiles } from "../utils/evaluate";
+ 
+const SKILL_NAME = "azure-cloud-migrate";
+const FACE_BLUR_REPO = "https://github.com/aws-samples/serverless-face-blur-service.git";
+const WEBAPP_REPO = "https://github.com/aws-samples/lambda-refarch-webapp.git";
+ 
+const skipTests = shouldSkipIntegrationTests();
+const skipReason = getIntegrationSkipReason();
+ 
+if (skipTests && skipReason) {
+  console.log(`⏭️  Skipping integration tests: ${skipReason}`);
+}
+ 
+const describeIntegration = skipTests ? describe.skip : describe;
+const migrationTestTimeoutMs = 2700000;
+const FOLLOW_UP_PROMPT = ["Go with recommended options and test it locally."];
+ 
+describeIntegration(`${SKILL_NAME}_ - Integration Tests`, () => {
+  const agent = useAgentRunner();
+ 
+  describe("brownfield-lambda", () => {
+    test("migrates serverless-face-blur-service Lambda to Azure", async () => {
+      let workspacePath: string | undefined;
+ 
+      const agentMetadata = await agent.run({
+        setup: async (workspace: string) => {
+          workspacePath = workspace;
+          await cloneRepo({
+            repoUrl: FACE_BLUR_REPO,
+            targetDir: workspace,
+            depth: 1,
+          });
+        },
+        prompt: "Migrate this Lambda to Azure. "+
+        "Use the eastus2 region. " +
+        "Use my current subscription. ",
+        nonInteractive: true,
+        followUp: FOLLOW_UP_PROMPT,
+      });
+ 
+      const isSkillUsed = isSkillInvoked(agentMetadata, SKILL_NAME);
+      expect(isSkillUsed).toBe(true);
+ 
+      // Verify migrated files exist in the -azure directory
+      expect(workspacePath).toBeDefined();
+      const migratedPath = workspacePath + "-azure";
+      expectFiles(migratedPath, [
+        /src\/app\.js$/,
+        /src\/detectFaces\.js$/,
+        /src\/blurFaces\.js$/,
+        /migration-status\.md$/,
+        /migration-assessment-report\.md$/
+      ], []);
+    }, migrationTestTimeoutMs);
+  });
+ 
+  describe("brownfield-lambda-webapp", () => {
+    test("migrates lambda-refarch-webapp to Azure", async () => {
+      let workspacePath: string | undefined;
+ 
+      const agentMetadata = await agent.run({
+        setup: async (workspace: string) => {
+          workspacePath = workspace;
+          await cloneRepo({
+            repoUrl: WEBAPP_REPO,
+            targetDir: workspace,
+            depth: 1,
+          });
+        },
+        prompt: "Migrate this Lambda to Azure. "+
+        "Use the eastus2 region. " +
+        "Use my current subscription. ",
+        nonInteractive: true,
+        followUp: FOLLOW_UP_PROMPT,
+      });
+ 
+      const isSkillUsed = isSkillInvoked(agentMetadata, SKILL_NAME);
+      expect(isSkillUsed).toBe(true);
+ 
+      // Verify migrated files exist in the -azure directory
+      expect(workspacePath).toBeDefined();
+      const migratedPath = workspacePath + "-azure";
+      expectFiles(migratedPath, [
+        /migration-status\.md$/,
+        /migration-assessment-report\.md$/
+      ], []);
+    }, migrationTestTimeoutMs);
+  });
+});
\ No newline at end of file
diff --git a/tests/azure-cloud-migrate/triggers.test.ts b/tests/azure-cloud-migrate/triggers.test.ts
new file mode 100644
index 00000000..80752f48
--- /dev/null
+++ b/tests/azure-cloud-migrate/triggers.test.ts
@@ -0,0 +1,100 @@
+/**
+ * Trigger Tests for azure-cloud-migrate
+ * 
+ * Tests that verify the skill triggers on appropriate prompts
+ * and does NOT trigger on unrelated prompts.
+ * 
+ * Uses snapshot testing + parameterized tests for comprehensive coverage.
+ */
+
+import { TriggerMatcher } from "../utils/trigger-matcher";
+import { loadSkill, LoadedSkill } from "../utils/skill-loader";
+
+const SKILL_NAME = "azure-cloud-migrate";
+
+describe(`${SKILL_NAME} - Trigger Tests`, () => {
+  let triggerMatcher: TriggerMatcher;
+  let skill: LoadedSkill;
+
+  beforeAll(async () => {
+    skill = await loadSkill(SKILL_NAME);
+    triggerMatcher = new TriggerMatcher(skill);
+  });
+
+  describe("Should Trigger", () => {
+    // Prompts that SHOULD trigger this skill - cloud migration workflows
+    const shouldTriggerPrompts: string[] = [
+      "How do I migrate my AWS Lambda functions to Azure Functions?",
+      "I want to migrate from AWS to Azure",
+      "Can you do a Lambda migration assessment for my project?",
+      "Convert my serverless functions to Azure",
+      "Generate a migration readiness report for my Lambda functions",
+      "Help me migrate code to Azure Functions",
+      "Assess my AWS Lambda project for Azure migration",
+      "I need to move my Lambda workloads to Azure Functions",
+    ];
+
+    test.each(shouldTriggerPrompts)(
+      'triggers on: "%s"',
+      (prompt) => {
+        const result = triggerMatcher.shouldTrigger(prompt);
+        expect(result.triggered).toBe(true);
+      }
+    );
+  });
+
+  describe("Should NOT Trigger", () => {
+    // Prompts that should NOT trigger this skill (avoid migration/Azure keywords)
+    const shouldNotTriggerPrompts: string[] = [
+      "What is the weather today?",
+      "Help me write a poem",
+      "Explain quantum computing",
+      "How do I use Google Cloud Platform?",
+      "Write a Python script to parse JSON",
+      "What is the capital of France?",
+      "Help me debug my React application",
+      "How do I optimize MySQL queries?",
+    ];
+
+    test.each(shouldNotTriggerPrompts)(
+      'does not trigger on: "%s"',
+      (prompt) => {
+        const result = triggerMatcher.shouldTrigger(prompt);
+        expect(result.triggered).toBe(false);
+      }
+    );
+  });
+
+  describe("Trigger Keywords Snapshot", () => {
+    test("skill keywords match snapshot", () => {
+      expect(triggerMatcher.getKeywords()).toMatchSnapshot();
+    });
+
+    test("skill description triggers match snapshot", () => {
+      expect({
+        name: skill.metadata.name,
+        description: skill.metadata.description,
+        extractedKeywords: triggerMatcher.getKeywords()
+      }).toMatchSnapshot();
+    });
+  });
+
+  describe("Edge Cases", () => {
+    test("handles empty prompt", () => {
+      const result = triggerMatcher.shouldTrigger("");
+      expect(result.triggered).toBe(false);
+    });
+
+    test("handles very long prompt", () => {
+      const longPrompt = "migrate AWS Lambda ".repeat(1000);
+      const result = triggerMatcher.shouldTrigger(longPrompt);
+      expect(typeof result.triggered).toBe("boolean");
+    });
+
+    test("is case insensitive", () => {
+      const lower = triggerMatcher.shouldTrigger("migrate lambda to functions");
+      const upper = triggerMatcher.shouldTrigger("MIGRATE LAMBDA TO FUNCTIONS");
+      expect(lower.triggered).toBe(upper.triggered);
+    });
+  });
+});
diff --git a/tests/azure-cloud-migrate/unit.test.ts b/tests/azure-cloud-migrate/unit.test.ts
new file mode 100644
index 00000000..24ce4a16
--- /dev/null
+++ b/tests/azure-cloud-migrate/unit.test.ts
@@ -0,0 +1,87 @@
+/**
+ * Unit Tests for azure-cloud-migrate
+ *
+ * Test isolated skill logic and validation rules.
+ */
+ 
+import { loadSkill, LoadedSkill } from "../utils/skill-loader";
+ 
+const SKILL_NAME = "azure-cloud-migrate";
+ 
+describe(`${SKILL_NAME} - Unit Tests`, () => {
+  let skill: LoadedSkill;
+ 
+  beforeAll(async () => {
+    skill = await loadSkill(SKILL_NAME);
+  });
+ 
+  describe("Skill Metadata", () => {
+    test("has valid SKILL.md with required fields", () => {
+      expect(skill.metadata).toBeDefined();
+      expect(skill.metadata.name).toBe(SKILL_NAME);
+      expect(skill.metadata.description).toBeDefined();
+      expect(skill.metadata.description.length).toBeGreaterThan(10);
+    });
+ 
+    test("description meets Medium-High compliance length", () => {
+      // Descriptions should be 150-1024 chars for Medium-High compliance
+      expect(skill.metadata.description.length).toBeGreaterThan(150);
+      expect(skill.metadata.description.length).toBeLessThanOrEqual(1024);
+    });
+ 
+    test("description contains WHEN trigger phrases", () => {
+      const description = skill.metadata.description.toLowerCase();
+      expect(description).toContain("when:");
+    });
+
+    test("description does not use risky DO NOT USE FOR", () => {
+      const description = skill.metadata.description.toLowerCase();
+      expect(description).not.toContain("do not use for:");
+    });
+
+    test("description word count is within limit", () => {
+      const words = skill.metadata.description.split(/\s+/).length;
+      expect(words).toBeLessThanOrEqual(60);
+    });
+  });
+ 
+  describe("Skill Content", () => {
+    test("has substantive content", () => {
+      expect(skill.content).toBeDefined();
+      expect(skill.content.length).toBeGreaterThan(100);
+    });
+ 
+    test("contains expected sections", () => {
+      expect(skill.content).toContain("## Rules");
+      expect(skill.content).toContain("## Steps");
+      expect(skill.content).toContain("## Migration Scenarios");
+      expect(skill.content).toContain("## Output Directory");
+    });
+ 
+    test("references azure-prepare for post-migration", () => {
+      expect(skill.content).toContain("azure-prepare");
+    });
+  });
+ 
+  describe("Migration Workflow", () => {
+    test("mentions assessment phase", () => {
+      expect(skill.content.toLowerCase()).toContain("assessment");
+    });
+ 
+    test("includes code migration guidance", () => {
+      const content = skill.content.toLowerCase();
+      expect(content).toContain("code migration");
+    });
+ 
+    test("references migration scenarios", () => {
+      const content = skill.content.toLowerCase();
+      const hasLambda = content.includes("lambda");
+      const hasScenarios = content.includes("migration scenarios");
+      expect(hasLambda || hasScenarios).toBe(true);
+    });
+ 
+    test("references workflow details", () => {
+      expect(skill.content).toContain("workflow-details.md");
+    });
+  });
+});
\ No newline at end of file
diff --git a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap
index 4b9a5e3e..a691cf43 100644
--- a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap
+++ b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap
@@ -2,12 +2,13 @@
 
 exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill description triggers match snapshot 1`] = `
 {
-  "description": "Default entry point for Azure application development. Analyzes your project and prepares it for Azure deployment by generating infrastructure code (Bicep/Terraform), azure.yaml, and Dockerfiles. WHEN: "create an app", "build a web app", "create API", "create frontend", "create backend", "add a feature", "build a service", "develop a project", "migrate my app", "modernize my code", "update my application", "add database", "add authentication", "add caching", "deploy to Azure", "host on Azure", "Azure with terraform", "Azure with azd", "generate azure.yaml", "generate Bicep", "generate Terraform", "create Azure Functions app", "create serverless HTTP API", "create function app", "create event-driven function", "create and deploy to Azure", "create Azure Functions and deploy", "create function app and deploy".",
+  "description": "Default entry point for Azure application development EXCEPT cross-cloud migration — use azure-cloud-migrate instead. Analyzes your project and prepares it for Azure deployment by generating infrastructure code (Bicep/Terraform), azure.yaml, and Dockerfiles. WHEN: "create an app", "build a web app", "create API", "create frontend", "create backend", "add a feature", "build a service", "develop a project", "modernize my code", "update my application", "add database", "add authentication", "add caching", "deploy to Azure", "host on Azure", "Azure with terraform", "Azure with azd", "generate azure.yaml", "generate Bicep", "generate Terraform", "create Azure Functions app", "create serverless HTTP API", "create function app", "create event-driven function", "create and deploy to Azure", "create Azure Functions and deploy", "create function app and deploy".",
   "extractedKeywords": [
     "analyzes",
     "application",
     "authentication",
     "azure",
+    "azure-cloud-migrate",
     "backend",
     "bicep",
     "build",
@@ -15,6 +16,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti
     "cli",
     "code",
     "create",
+    "cross-cloud",
     "database",
     "default",
     "deploy",
@@ -24,6 +26,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti
     "dockerfiles",
     "entry",
     "event-driven",
+    "except",
     "feature",
     "frontend",
     "function",
@@ -34,7 +37,8 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti
     "http",
     "identity",
     "infrastructure",
-    "migrate",
+    "instead",
+    "migration",
     "modernize",
     "point",
     "prepare",
@@ -61,6 +65,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords
   "application",
   "authentication",
   "azure",
+  "azure-cloud-migrate",
   "backend",
   "bicep",
   "build",
@@ -68,6 +73,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords
   "cli",
   "code",
   "create",
+  "cross-cloud",
   "database",
   "default",
   "deploy",
@@ -77,6 +83,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords
   "dockerfiles",
   "entry",
   "event-driven",
+  "except",
   "feature",
   "frontend",
   "function",
@@ -87,7 +94,8 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords
   "http",
   "identity",
   "infrastructure",
-  "migrate",
+  "instead",
+  "migration",
   "modernize",
   "point",
   "prepare",
diff --git a/tests/skills.json b/tests/skills.json
index bf24994a..abd0a9da 100644
--- a/tests/skills.json
+++ b/tests/skills.json
@@ -3,6 +3,7 @@
         "appinsights-instrumentation",
         "azure-ai",
         "azure-aigateway",
+        "azure-cloud-migrate",
         "azure-compliance",
         "azure-compute",
         "azure-cost-optimization",
@@ -24,6 +25,6 @@
     "integrationTestSchedule": {
         "0 5 * * *": "microsoft-foundry",
         "0 8 * * *": "azure-deploy",
-        "0 12 * * *": "appinsights-instrumentation,azure-ai,azure-aigateway,azure-compliance,azure-compute,azure-cost-optimization,azure-diagnostics,azure-hosted-copilot-sdk,azure-kusto,azure-messaging,azure-observability,azure-prepare,azure-rbac,azure-resource-lookup,azure-resource-visualizer,azure-storage,azure-validate,entra-app-registration"
+        "0 12 * * *": "appinsights-instrumentation,azure-ai,azure-aigateway,azure-cloud-migrate,azure-compliance,azure-compute,azure-cost-optimization,azure-diagnostics,azure-hosted-copilot-sdk,azure-kusto,azure-messaging,azure-observability,azure-prepare,azure-rbac,azure-resource-lookup,azure-resource-visualizer,azure-storage,azure-validate,entra-app-registration"
     }
 }
\ No newline at end of file