Expert OpenTelemetry guidance for collector configuration, pipeline design, and production telemetry instrumentation across Kubernetes, ECS, serverless, and standalone deployments. Use when configuring collectors, designing pipelines, instrumenting applications, implementing sampling, managing cardinality, securing telemetry, writing OTTL transformations, or setting up AI coding agent observability (Claude Code, Codex, Gemini CLI, GitHub Copilot).
94
98%
Does it follow best practices?
Impact
94%
1.34xAverage score across 18 eval scenarios
Passed
No known issues
{
"context": "Tests whether the skill causes the agent to correctly configure mutual TLS (mTLS) for secure communication between applications and the OpenTelemetry Collector. This is a critical security pattern for production environments.",
"type": "weighted_checklist",
"checklist": [
{
"name": "Explains certificate generation (CA, server cert, client cert)",
"description": "The response includes steps to generate: CA certificate, server certificate (signed by CA), and client certificate (signed by CA). Should mention CA cert is needed for validation.",
"max_score": 20
},
{
"name": "Configures Kubernetes secrets for certificates",
"description": "The response shows how to create Kubernetes secrets for server and client certificates/keys and mount them into pods. Must include proper secret naming and mount paths.",
"max_score": 15
},
{
"name": "Configures collector with client authentication",
"description": "The collector configuration includes TLS settings that: (1) present server cert/key, (2) require client certificates, (3) validate client certs against CA. Score zero if client authentication is not enabled.",
"max_score": 20
},
{
"name": "Configures application SDK with client certificates",
"description": "The response shows how to configure the application SDK (environment variables or code) to present client cert/key when connecting to collector. Must show how to specify the CA cert for validation.",
"max_score": 20
},
{
"name": "Includes certificate rotation/expiration strategy",
"description": "The response addresses certificate rotation: either manual process, automation (cert-manager), or at minimum, documentation of when certs expire and how to update. Score zero if expiration is not mentioned.",
"max_score": 15
},
{
"name": "Provides troubleshooting guidance for TLS errors",
"description": "The response includes debugging tips: how to check certificate validity, verify certificate chain, check that certificates are mounted correctly. Optional but recommended.",
"max_score": 10
}
]
}.claude-plugin
.codex-plugin
.cursor-plugin
.github
scripts
docs
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10
scenario-11
scenario-12
scenario-13
scenario-14
scenario-15
scenario-16
scenario-17
scenario-18
references