CtrlK
BlogDocsLog inGet started
Tessl Logo

o11y-dev/opentelemetry-skill

Expert OpenTelemetry guidance for collector configuration, pipeline design, and production telemetry instrumentation across Kubernetes, ECS, serverless, and standalone deployments. Use when configuring collectors, designing pipelines, instrumenting applications, implementing sampling, managing cardinality, securing telemetry, writing OTTL transformations, or setting up AI coding agent observability (Claude Code, Codex, Gemini CLI, GitHub Copilot).

94

1.34x
Quality

98%

Does it follow best practices?

Impact

94%

1.34x

Average score across 18 eval scenarios

SecuritybySnyk

Passed

No known issues

Overview
Quality
Evals
Security
Files

criteria.jsonevals/scenario-8/

{
  "context": "Tests whether the skill causes the agent to correctly configure mutual TLS (mTLS) for secure communication between applications and the OpenTelemetry Collector. This is a critical security pattern for production environments.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Explains certificate generation (CA, server cert, client cert)",
      "description": "The response includes steps to generate: CA certificate, server certificate (signed by CA), and client certificate (signed by CA). Should mention CA cert is needed for validation.",
      "max_score": 20
    },
    {
      "name": "Configures Kubernetes secrets for certificates",
      "description": "The response shows how to create Kubernetes secrets for server and client certificates/keys and mount them into pods. Must include proper secret naming and mount paths.",
      "max_score": 15
    },
    {
      "name": "Configures collector with client authentication",
      "description": "The collector configuration includes TLS settings that: (1) present server cert/key, (2) require client certificates, (3) validate client certs against CA. Score zero if client authentication is not enabled.",
      "max_score": 20
    },
    {
      "name": "Configures application SDK with client certificates",
      "description": "The response shows how to configure the application SDK (environment variables or code) to present client cert/key when connecting to collector. Must show how to specify the CA cert for validation.",
      "max_score": 20
    },
    {
      "name": "Includes certificate rotation/expiration strategy",
      "description": "The response addresses certificate rotation: either manual process, automation (cert-manager), or at minimum, documentation of when certs expire and how to update. Score zero if expiration is not mentioned.",
      "max_score": 15
    },
    {
      "name": "Provides troubleshooting guidance for TLS errors",
      "description": "The response includes debugging tips: how to check certificate validity, verify certificate chain, check that certificates are mounted correctly. Optional but recommended.",
      "max_score": 10
    }
  ]
}

CHANGELOG.md

CONTRIBUTING.md

README.md

SKILL.md

tessl.json

tile.json