Added skills - code researcher, kusto analyst, incident investigator, Fixes AB#3505913

[somalaya]

Added skills similar to this PR created by Cesar in AuthApp https://msazure.visualstudio.com/DefaultCollection/One/_git/AD-MFA-phonefactor-phoneApp-android/pullrequest/14534965?_a=files

Also moved a lot of instructions from copilot-instructions.md file to skills to make the file leaner.

Fixes AB#3505913

[github-actions]

❌ Work item link check failed. Description does not contain AB#{ID}.

Click here to Learn more.

[cacosta33]

Do we want to expose this information publicly? These skills are exposed publicly and while these database names are controlled by RBAC, the less information we provide about the specific internal data the better unless absolutely necessary

You could make the same argument about the specific queries that we run that is only useful to our team internally

[somalaya]

Did a quick search and found this.

The access flow requires:

• Know the cluster URL ✓ (in this doc)
• Know the database name ✓ (in this doc)
• Know the security group name ❌ (NOT in this doc)
• Get group membership approved ❌ (requires manager/owner approval)

Without the group name, an attacker would have to:

• Guess the group name (difficult with GUID-based or internal naming)
• Ask someone who knows (social engineering)
• Have existing Azure AD permissions to enumerate groups (already compromised)

Based on this, I think it is safe to put the Cluster URI and DB Name here.

[github-actions]

✅ Work item link check complete. Description contains link AB#3505913 to an Azure Boards work item.

[github-actions]

❌ Work item link check failed. Description contains AB#3505913 but the Bot could not link it to an Azure Boards work item.

Click here to learn more.