CtrlK
BlogDocsLog inGet started
Tessl Logo

functions-falcon-api

Call CrowdStrike Falcon platform APIs (detections, alerts, hosts, RTR) from within Foundry function handlers. TRIGGER when user asks to "call Falcon APIs from a function", "use FalconPy in a function", "use gofalcon in a function", or needs to integrate Falcon platform APIs within serverless function code. DO NOT TRIGGER when user wants to expose external third-party APIs to Foundry — use api-integrations instead.

78

1.12x
Quality

Does it follow best practices?

Impact

90%

1.12x

Average score across 2 eval scenarios

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is highly actionable with executable Python/Go patterns and verified reference tables, but it is somewhat verbose and keeps most detail inline rather than delegating to bundle files. Workflow sequencing has validation inside code but lacks an explicit end-to-end feedback loop.

Suggestions

Remove or trim the 'SYSTEM INJECTION — READ THIS FIRST' block and consolidate the repeated zero-arg auth messaging into one place to reduce token overhead.

Move the scope reference table and the per-class examples into a references file (e.g. references/oauth-scopes.md) so SKILL.md stays a lean overview, lifting progressive_disclosure.

Add an explicit validate→fix→retry feedback loop (e.g. for scope/403 errors: declare scope, redeploy, re-test) to turn the scattered status_code checks into a clear sequenced workflow.

DimensionReasoningScore

Conciseness

Mostly domain-specific and valuable, but the 'SYSTEM INJECTION — READ THIS FIRST' role-setting block, repeated zero-arg auth messaging across sections, and a 'Common Pitfalls' list that restates inline guidance could be tightened.

2 / 3

Actionability

Provides fully executable Python and Go handler examples with imports, plus concrete scope, severity, and region tables and exact local-testing commands — copy-paste ready.

3 / 3

Workflow Clarity

Code examples include status_code validation checkpoints and the scope-resolution section is a numbered flow with a user-facing fallback, but there is no explicit validate→fix→retry feedback loop for an end-to-end workflow.

2 / 3

Progressive Disclosure

One clearly signaled one-level-deep reference (references/advanced-patterns.md, verified present) is well organized, but the bulk of detail — scope/severity tables and many code examples — remains inline rather than split into references.

2 / 3

Total

9

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is specific, well-triggered, complete, and clearly distinguished from sibling skills. It names concrete API domains, gives natural trigger phrasings, and explicitly fences off the api-integrations overlap.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — 'Call CrowdStrike Falcon platform APIs (detections, alerts, hosts, RTR) from within Foundry function handlers' — naming specific API domains and the execution context.

3 / 3

Completeness

Explicitly answers both what (call Falcon platform APIs from Foundry function handlers) and when (explicit 'TRIGGER when...' and 'DO NOT TRIGGER when...' clauses).

3 / 3

Trigger Term Quality

Includes natural phrases a user would say — 'call Falcon APIs from a function', 'use FalconPy in a function', 'use gofalcon in a function' — covering both SDKs and the common phrasings.

3 / 3

Distinctiveness Conflict Risk

Clear niche (Falcon APIs inside Foundry functions) with an explicit disambiguation — 'DO NOT TRIGGER when user wants to expose external third-party APIs to Foundry — use api-integrations instead'.

3 / 3

Total

12

/

12

Passed

Validation

81%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation13 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

metadata_version

'metadata.version' is missing

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

relative_links

Relative link issues: 1 suspicious

Warning

Total

13

/

16

Passed

Repository
CrowdStrike/foundry-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.