cipp-standardslisted

Use this skill when working with CIPP Standards, Best Practice Analyser (BPA), and domain health checks — listing configured standards per tenant, triggering on-demand compliance checks, retrieving BPA results, checking SPF/DKIM/DMARC. The core surface for CIPP's tenant-baseline enforcement model.
wyre-technology/msp-claude-plugins · ★ 26 · DevOps & Infrastructure · score 82

Install: claude install-skill wyre-technology/msp-claude-plugins

# CIPP Standards & BPA Standards are CIPP's mechanism for declaring "this is what every tenant we manage should look like" and continuously enforcing it. The Best Practice Analyser (BPA) is the read side — it shows you where current tenant state diverges from CIPP's recommended baseline. Domain health is a complementary check focused on email authentication. ## Tools ### `cipp_list_standards` ``` cipp_list_standards(tenantFilter='contoso.onmicrosoft.com') ``` Returns the list of standards configured for the tenant: which standards are enabled, what action each takes (`Report`, `Alert`, `Remediate`), and current compliance status. Use `tenantFilter='allTenants'` for a portfolio-wide view. ### `cipp_run_standards_check` ``` cipp_run_standards_check(tenantFilter='contoso.onmicrosoft.com') ``` Triggers an on-demand standards evaluation. CIPP runs this on a schedule, but force a fresh run after deploying a new standard or remediating a finding to confirm the fix took. ### `cipp_list_bpa` ``` cipp_list_bpa(tenantFilter='contoso.onmicrosoft.com') ``` Returns the latest Best Practice Analyser report — every CIPP-recommended check with `Pass`/`Fail`/`Warn` status across categories (Security, Identity, Mail, SharePoint, Teams, Intune). The most useful single call for tenant health. ### `cipp_list_domain_health` ``` cipp_list_domain_health(tenantFilter='contoso.onmicrosoft.com') ``` Per-domain SPF, DKIM, DMARC, MX, and DNSSEC results. Run for any tenant where mail authenti