Security patterns for Falcon Foundry apps including OAuth scopes, RBAC, input validation, UI security, and credential management. TRIGGER when user asks to "configure OAuth scopes", "secure a Foundry app", "handle secrets", "add input validation", or needs to review a Foundry app for security concerns (XSS, CSP, credential management). Also trigger during pre-deployment security reviews.
72
89%: Does it follow best practices?
Impact: — (No eval scenarios have been run)
Passed: No known issues
Quality
Discovery
100%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its scope (security patterns for Falcon Foundry apps), lists specific capabilities (OAuth, RBAC, input validation, UI security, credential management), and provides explicit trigger conditions with natural user phrases. The description is well-structured, concise, and highly distinguishable from other skills due to its specific platform and domain focus.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Lists multiple specific concrete actions and domains: OAuth scopes, RBAC, input validation, UI security, credential management, XSS, CSP. These are clearly defined security capabilities rather than vague language. | 3 / 3 |
| Completeness | Clearly answers both 'what' (security patterns for Falcon Foundry apps including OAuth scopes, RBAC, input validation, UI security, credential management) and 'when' (explicit TRIGGER clause with specific user phrases and scenarios like pre-deployment security reviews). | 3 / 3 |
| Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'configure OAuth scopes', 'secure a Foundry app', 'handle secrets', 'add input validation', plus specific security concerns like XSS, CSP, credential management, and 'pre-deployment security reviews'. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive due to the specific platform ('Falcon Foundry') and the focused domain (security patterns). The combination of Foundry-specific security concerns like OAuth scopes, RBAC, and CSP makes it very unlikely to conflict with generic security or generic Foundry skills. | 3 / 3 |
| Total | 12 / 12 Passed | |
Implementation
79%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, well-structured security skill that provides highly actionable, platform-specific guidance for Falcon Foundry apps. Its main strengths are conciseness (no wasted tokens explaining basics) and actionability (executable code across multiple languages and formats). The main weaknesses are the lack of explicit validation/feedback workflows for the security review process and the funneling of all supplementary content into a single reference file.
Suggestions
Add an explicit multi-step security review workflow with validation checkpoints (e.g., 'Run scope audit → Fix over-permissioned scopes → Re-validate → Proceed to XSS check') to improve workflow clarity.
Split references/security-examples.md into separate files (e.g., sanitization-examples.md, ci-cd-security.md, postmessage-security.md) so the Reading Guide provides more targeted navigation rather than pointing everything to one file.
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The content is lean and efficient throughout. It avoids explaining basic concepts Claude already knows (e.g., what RBAC is, what XSS is), instead jumping straight to Foundry-specific patterns, tables, and executable examples. Every section earns its place with platform-specific details. | 3 / 3 |
| Actionability | Provides concrete, executable code in multiple languages (Python, TypeScript, YAML, JSON, bash), specific CLI commands, copy-paste ready configurations, and a detailed pre-deployment checklist. The JSON schema, CSP config, iframe origin validation, and manifest examples are all directly usable. | 3 / 3 |
| Workflow Clarity | The pre-deployment checklist provides a clear sequence of verification steps, and individual sections are well-organized. However, there's no explicit multi-step workflow with validation checkpoints or feedback loops for the security review process itself — e.g., no 'validate → fix → re-validate' pattern for security auditing or deployment. | 2 / 3 |
| Progressive Disclosure | The skill references [references/security-examples.md] multiple times with clear signaling, and the Reading Guide table is well-structured. However, all references point to a single file (security-examples.md) which appears to be a catch-all, and no bundle files were provided to verify the reference exists or is well-organized. The main content is appropriately sized but the single-file reference pattern is suboptimal. | 2 / 3 |
| Total | 10 / 12 Passed | |
Validation
81%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| metadata_version | 'metadata.version' is missing | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 9 / 11 Passed | |
631c815