Merge branch 'main' into target-single-platform/01-infrastructure-and-public-apis

Author: edwardneal

.github/copilot-instructions.md

@@ -129,6 +129,10 @@ When a new issue is created, follow these steps:
 - Suggest release note entries for fixes by updating files under `release-notes/` or by using the `release-notes` prompt (instead of editing `CHANGELOG.md` directly).
 - Tag reviewers based on `CODEOWNERS` file
 
+## 🌿 Branch Naming
+- All branches created by AI agents **must** use the `dev/automation/` prefix (e.g. `dev/automation/fix-connection-timeout`).
+- Do **not** create branches directly under `main`, `dev/`, or any other top-level prefix.
+
 ## 🧠 Contextual Awareness
 - All source code is in `src/Microsoft.Data.SqlClient/src/`. Do NOT add code to legacy `netfx/src/` or `netcore/src/` directories.
 - Only `ref/` folders in `netcore/ref/` and `netfx/ref/` remain active for defining the public API surface.

.github/prompts/code-review.prompt.md

@@ -1,18 +1,20 @@
 ---
 name: code-review
-description: AI-assisted code review for a pull request in Microsoft.Data.SqlClient.
+description: AI-assisted code review for a pull request or branch in Microsoft.Data.SqlClient.
 argument-hint: <PR number or branch name>
 agent: agent
-tools: ['github/search_issues', 'read/readFile', 'codebase/search']
+tools: ['github/search_issues', 'github/pull_request_read', 'github/get_file_contents', 'github/run_secret_scanning', 'read/readFile', 'search']
 ---
 
-Review the pull request "${input:pr}" in `dotnet/SqlClient`.
+Review the changes in "${input:target}" for `dotnet/SqlClient`.
+
+The target may be either a **PR number** (e.g., `4106`) or a **branch name** (e.g., `dev/user/my-feature`). Determine which by checking whether the value is purely numeric.
 
 Follow this structured review process:
 
 ## 1. Understand the Change
-- Fetch the PR details: title, description, linked issue(s), and diff.
 - Read the PR description to understand the intent and scope of the change.
+- Check for linked issues referenced in the description (e.g., `Fixes #...`).
 - Check which files are modified and categorize them:
   - **Source code** (`src/Microsoft.Data.SqlClient/src/`) — the main review focus
   - **Tests** (`tests/`) — verify coverage

.github/prompts/generate-doc-comments.prompt.md

@@ -1,5 +1,5 @@
 ---
-name: doc-comments
+name: generate-doc-comments
 description: Generate XML documentation comments for C# code following .NET best practices.
 argument-hint: <code>
 agent: agent

.github/prompts/generate-prompt.prompt.md

@@ -2,6 +2,7 @@
 name: generate-prompt
 description: Generates high-quality VS Code Copilot prompt files (.prompt.md) based on user descriptions, leveraging available skills.
 argument-hint: Describe the prompt you want to create (e.g., "A prompt to generate unit tests for C#")
+tools: [read, edit, search, todo]
 ---
 You are an expert AI prompt developer specialized in creating **Visual Studio Code Copilot Prompt Files (`.prompt.md`)**.
 
@@ -34,6 +35,7 @@ Before generating the prompt, review the available skills in the `.github/skills
         *   `name`: A concise, kebab-case name for the prompt.
         *   `description`: A clear, short description of what the prompt does.
         *   `argument-hint`: (Optional) A hint for what arguments the user can provide when using the prompt.
+        *   `tools`: (Recommended) A list of tool identifiers the prompt is allowed to use. See the **Tool Scoping** section below.
     *   **Body Structure**:
         *   **Role**: Define the AI's persona (e.g., "You are an expert C# developer...").
         *   **Context**: Include specific context instructions or references.
@@ -50,19 +52,78 @@ Before generating the prompt, review the available skills in the `.github/skills
     *   Use `${input:variableName}` for user inputs (e.g., `${input:methodName}`).
     *   Use built-in variables like `${selection}`, `${file}`, or `${workspaceFolder}` where appropriate context is needed.
 
-6.  **Best Practices**:
+6.  **Scope Tools**: Restrict the tools available to each prompt using the `tools` frontmatter field. See the **Tool Scoping** section below for detailed guidance.
+
+7.  **Best Practices**:
     *   Be specific and explicit.
     *   Encourage chain-of-thought reasoning if the task is complex.
     *   Reference workspace files using Markdown links `[path/to/file.cs](path/to/file.cs)` only if they are static and necessary for *all* invocations of this prompt.
     *   Prefer referencing skills over duplicating instructions that already exist in skills.
 
+## Tool Scoping
+
+Every generated prompt **should** include a `tools` list in its YAML frontmatter. Scoping tools keeps the model focused by limiting it to approved, known-effective tools for the task. Without tool scoping, the model may invoke irrelevant tools, waste context, or produce unpredictable results.
+
+### Why scope tools?
+- **Focus**: Fewer tools means the model spends less reasoning on tool selection and more on the task.
+- **Reliability**: Restricting to tested tools avoids unexpected side effects (e.g., a read-only review prompt shouldn't have edit tools).
+- **Safety**: Prevents prompts from accidentally running terminal commands or making file changes when they shouldn't.
+
+### How to choose tools
+Apply the **principle of least privilege** — include only the tools the prompt actually needs:
+
+| Prompt type | Recommended tools |
+|---|---|
+| **Read-only analysis** (review, triage, explain) | `read/readFile`, `search/codebase`, `search/textSearch` |
+| **Code editing** (bug fix, feature, refactor) | `edit/editFiles`, `edit/createFile`, `read/readFile`, `search/codebase` |
+| **Needs terminal** (build, test, scripts) | All of the above + `execute/runInTerminal`, `execute/getTerminalOutput` |
+| **Needs GitHub data** (triage, release notes) | All of the above + `github/search_issues` or other GitHub tools |
+| **Needs web content** (docs lookup) | `web/fetch` |
+
+### Available built-in tool identifiers
+
+You can specify individual tools or tool sets (which include all tools in that group).
+
+**Tool sets** (use these to include all tools in a category):
+- `edit` — File creation and editing tools
+- `read` — File and notebook reading tools
+- `search` — Codebase, text, and file search tools
+- `execute` — Terminal, task, and notebook execution tools
+- `web` — Web content fetching tools
+
+**Commonly used individual tools:**
+
+| Tool identifier | Purpose |
+|---|---|
+| `edit/editFiles` | Apply edits to existing files |
+| `edit/createFile` | Create a new file |
+| `read/readFile` | Read file contents |
+| `read/problems` | Get workspace problems/diagnostics |
+| `search/codebase` | Semantic code search |
+| `search/textSearch` | Text/regex search in files |
+| `search/fileSearch` | Search for files by glob pattern |
+| `search/listDirectory` | List directory contents |
+| `search/usages` | Find references and implementations |
+| `execute/runInTerminal` | Run a shell command |
+| `execute/getTerminalOutput` | Get terminal output |
+| `execute/testFailure` | Get test failure details |
+| `web/fetch` | Fetch a web page |
+
+**Extension / MCP tools** can also be included using their identifier (e.g., `github/search_issues`). Use `<server-name>/*` to include all tools from an MCP server.
+
+### Frontmatter syntax
+```yaml
+tools: ['read/readFile', 'search/codebase', 'edit/editFiles']
+```
+
 ## Example Output Structure (with skill reference)
 
 ```markdown
 ---
 name: my-new-prompt
 description: specialized task description
 argument-hint: input parameter hint
+tools: ['edit/editFiles', 'read/readFile', 'search/codebase', 'execute/runInTerminal']
 ---
 You are a specialized agent for...
 
@@ -89,6 +150,7 @@ Use ${input:param1} to...
 name: my-new-prompt
 description: specialized task description
 argument-hint: input parameter hint
+tools: ['read/readFile', 'search/codebase']
 ---
 You are a specialized agent for...
 

.github/prompts/generate-skill.prompt.md

@@ -2,6 +2,8 @@
 name: generate-skill
 description: Generate a GitHub Copilot Agent Skill (SKILL.md) following best practices and official documentation
 argument-hint: Describe the skill you want to create (e.g., "debugging SQL connection issues")
+agent: agent
+tools: ['read/readFile', 'edit/createFile', 'search']
 ---
 You are an expert developer specialized in creating **GitHub Copilot Agent Skills**.
 

.github/prompts/refine-test-overlap.prompt.md

@@ -1,7 +1,9 @@
 ---
-name: test-minimize-overlap
+name: refine-test-overlap
 description: Run coverage overlap analysis and suggest test suite optimizations
 argument-hint: Test filter (e.g. FullyQualifiedName~MyTests) or describe the tests you want to analyze
+agent: agent
+tools: ['edit/editFiles', 'read/readFile', 'search/codebase', 'execute/runInTerminal', 'execute/getTerminalOutput']
 ---
 You are an expert .NET Test Engineer specialized in optimizing test coverage and reducing technical debt.
 
@@ -10,19 +12,19 @@ Your task is to analyze the user's test suite using the `AnalyzeTestOverlap.ps1`
 
 ## Skills
 This prompt leverages the following skills for specific sub-tasks:
-- [generate-mstest-filter](../skills/generate-mstest-filter/SKILL.md) - For generating well-formed MSTest filter expressions
+- [generate-mstest-filter](.github/skills/generate-mstest-filter/SKILL.md) - For generating well-formed MSTest filter expressions
 
 ## Tools
-You have access to the analysis script at `[AnalyzeTestOverlap.ps1](./scripts/AnalyzeTestOverlap.ps1)`.
+You have access to the analysis script at [AnalyzeTestOverlap.ps1](.github/prompts/scripts/AnalyzeTestOverlap.ps1).
 
 ## Workflow
 1.  **Parse or Generate Test Filter**:
     *   If `${input:filter}` is a valid MSTest filter expression (e.g., `FullyQualifiedName~MyTests`), use it directly.
-    *   If `${input:filter}` is a loose description (e.g., "connection tests" or "SqlCommand class"), follow the instructions in the [generate-mstest-filter](../skills/generate-mstest-filter/SKILL.md) skill to generate a proper filter expression.
+    *   If `${input:filter}` is a loose description (e.g., "connection tests" or "SqlCommand class"), follow the instructions in the [generate-mstest-filter](.github/skills/generate-mstest-filter/SKILL.md) skill to generate a proper filter expression.
     *   If `${input:filter}` is empty, ask the user for a test filter or description to target specific tests.
 
 2.  **Run Analysis**:
-    *   Run the script using the filter: `.\scripts\AnalyzeTestOverlap.ps1 -Filter "<filter>"`.
+    *   Run the script from the workspace root: `.\.github\prompts\scripts\AnalyzeTestOverlap.ps1 -Filter "<filter>"`.
     *   *Note*: The script produces a console summary and a `test-coverage-analysis.json` file.
 
 3.  **Review Overlap**:

.github/prompts/update-build-pipelines.prompt.md

@@ -3,7 +3,7 @@ name: update-build-pipelines
 description: Guided workflow for updating Azure DevOps CI/CD pipelines for Microsoft.Data.SqlClient.
 argument-hint: <describe the pipeline change needed>
 agent: agent
-tools: ['edit/createFile', 'edit/editFiles', 'read/readFile', 'codebase/search']
+tools: ['edit/createFile', 'edit/editFiles', 'read/readFile', 'search']
 ---
 
 Update the Azure DevOps build pipelines for: "${input:change}".