arn-infra-pipeline
This skill should be used when the user says "infra pipeline", "arn infra pipeline", "create CI/CD pipeline", "set up deployment pipeline", "generate pipeline", "infra CI/CD", "deployment pipeline", "setup cicd", "generate github actions", "generate gitlab ci", "generate bitbucket pipeline", "infrastructure pipeline", "pipeline setup", "create deployment workflow", "cicd for infrastructure", "infra deployment pipeline", "set up infrastructure CI/CD", "arn-infra-pipeline", or wants to generate infrastructure-specific CI/CD pipelines with SOC 2 alignment, OIDC authentication, and environment-aware deployment stages.
67
59%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./plugins/arn-infra/skills/arn-infra-pipeline/SKILL.mdQuality
Discovery
72%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description excels at trigger term coverage with an exhaustive list of phrases users might say, and it occupies a distinct niche. However, it is heavily imbalanced — it reads more like a keyword list than a skill description. The 'what does this skill do' aspect is underdeveloped, with concrete capabilities only briefly mentioned at the very end.
Suggestions
Add a clear opening sentence describing specific actions the skill performs, e.g., 'Generates infrastructure CI/CD pipeline configuration files for GitHub Actions, GitLab CI, and Bitbucket Pipelines with SOC 2-aligned controls, OIDC authentication setup, and multi-environment deployment stages.'
Reduce the trigger term list to the most essential 5-8 terms and restructure using a 'Use when...' clause to separate capability description from trigger guidance.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description mentions some concrete concepts like 'SOC 2 alignment', 'OIDC authentication', and 'environment-aware deployment stages', but these appear only at the end. The bulk of the description is trigger terms rather than listing specific actions the skill performs (e.g., 'generates pipeline YAML files', 'configures deployment stages'). | 2 / 3 |
Completeness | The 'when' is extensively covered with numerous trigger phrases, but the 'what' is weak — it only vaguely mentions generating 'infrastructure-specific CI/CD pipelines with SOC 2 alignment, OIDC authentication, and environment-aware deployment stages' without clearly describing what concrete outputs or actions the skill produces. The description is heavily skewed toward triggers with insufficient capability explanation. | 2 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms including platform-specific variations ('github actions', 'gitlab ci', 'bitbucket pipeline'), common abbreviations ('cicd', 'CI/CD'), and multiple phrasings users would naturally say ('set up deployment pipeline', 'create deployment workflow', 'pipeline setup'). | 3 / 3 |
Distinctiveness Conflict Risk | The combination of infrastructure-specific CI/CD, SOC 2 alignment, OIDC authentication, and the 'arn infra pipeline' branding creates a clear niche that is unlikely to conflict with generic CI/CD or general infrastructure skills. | 3 / 3 |
Total | 10 / 12 Passed |
Implementation
47%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill has excellent workflow structure with clear sequencing, validation checkpoints, and comprehensive error handling. However, it is severely over-long — the inline agent prompt templates, experience-level variations, and detailed security requirements bloat the content significantly and should be extracted to reference files. The actionability is moderate since the actual work is delegated to sub-agents whose implementations aren't provided.
Suggestions
Extract the agent invocation prompt templates (Steps 4 and 5) into separate reference files to dramatically reduce the SKILL.md token footprint — these alone account for ~40% of the content.
Move the experience-level pipeline job definitions (beginner/intermediate/expert) into a reference file like `pipeline-job-tiers.md` and reference it, rather than inlining all three tiers.
Remove redundant information — the security requirements are stated in the introduction, repeated in the agent instructions, and again in the security auditor instructions. State once and reference.
Add the bundle files that are referenced (pattern files, security checklist, etc.) so the skill can be properly evaluated for progressive disclosure and the references can be verified.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is extremely verbose at ~300+ lines. It over-explains many steps that Claude could infer, includes extensive boilerplate prompt templates for sub-agents, repeats information across steps, and provides lengthy inline instructions that could be in reference files. The agent invocation blocks alone consume massive token budget with information that could be templated or referenced. | 1 / 3 |
Actionability | The skill provides a clear multi-step process with specific file paths, glob patterns, and structured agent invocations. However, it lacks executable code examples — the agent invocation blocks are pseudo-structured prompts rather than executable commands, and the actual pipeline generation is delegated to sub-agents whose behavior isn't defined here. The guidance is specific but not copy-paste executable. | 2 / 3 |
Workflow Clarity | The workflow is clearly sequenced across 7 steps with explicit validation checkpoints: security audit review in Step 5, user approval gate in Step 6, and verification that the pipeline builder returned output in Step 4. Error handling covers multiple failure modes with fallback strategies and feedback loops (retry on empty output, diff before overwrite). | 3 / 3 |
Progressive Disclosure | The skill references multiple external files (experience-derivation.md, github-actions-patterns.md, pipeline-security-checklist.md, providers.md, environments.md, tooling-manifest.json) which is good progressive disclosure design. However, no bundle files are provided to verify these exist, and the SKILL.md itself is monolithic — the lengthy agent invocation templates and detailed instructions for each experience level should be in separate reference files rather than inline. | 2 / 3 |
Total | 8 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- AppsVortex/arness
- Commit
1fe948f
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.