secrets-management
Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
Install with Tessl CLI
npx tessl i github:Dicklesworthstone/pi_agent_rust --skill secrets-management84
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-structured skill description with explicit 'Use when' guidance and good trigger term coverage. The main weakness is that the capabilities could be more specific - listing concrete actions like 'configure secret rotation policies' or 'inject secrets into build pipelines' would strengthen it. Overall, it effectively communicates its niche and when to use it.
Suggestions
Expand the capabilities with more concrete actions such as 'configure automatic rotation policies, inject secrets into build pipelines, audit secret access logs' to improve specificity.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (secrets management, CI/CD) and mentions specific tools (Vault, AWS Secrets Manager), but actions are somewhat general ('implement', 'handling', 'rotating', 'securing') rather than listing multiple concrete operations like 'inject secrets into pipelines, configure automatic rotation policies, audit secret access'. | 2 / 3 |
Completeness | Clearly answers both what ('Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions') and when ('Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments') with explicit trigger guidance. | 3 / 3 |
Trigger Term Quality | Good coverage of natural terms users would say: 'secrets management', 'CI/CD pipelines', 'Vault', 'AWS Secrets Manager', 'credentials', 'rotating secrets'. These are terms users would naturally use when needing this skill. | 3 / 3 |
Distinctiveness Conflict Risk | Clear niche focused specifically on secrets management in CI/CD contexts with named tools (Vault, AWS Secrets Manager). Unlikely to conflict with general security skills or generic CI/CD skills due to the specific focus on credentials and secrets. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a comprehensive secrets management skill with excellent actionability through concrete, executable examples across multiple platforms. The main weaknesses are some verbose feature descriptions that Claude doesn't need, and missing validation/verification steps in workflows involving sensitive credential operations.
Suggestions
Remove the bullet-point feature lists for each tool (HashiCorp Vault, AWS Secrets Manager, etc.) as Claude already knows these capabilities
Add explicit validation steps after secret storage/retrieval operations (e.g., 'Verify secret was stored: vault kv get secret/database/config')
Include error handling and rollback guidance for the manual rotation process
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill includes some unnecessary explanatory content (tool feature lists that Claude already knows) and could be tightened. The bullet-point feature lists for each tool (e.g., 'Centralized secrets management', 'Dynamic secrets generation') add little value. | 2 / 3 |
Actionability | Provides fully executable code examples across multiple platforms (Vault, AWS, GitHub Actions, GitLab CI, Terraform, Kubernetes). Commands are copy-paste ready with specific syntax and real configuration patterns. | 3 / 3 |
Workflow Clarity | While individual code snippets are clear, the manual rotation process lacks validation checkpoints. The skill doesn't include explicit verification steps after secret operations (e.g., 'verify secret was stored correctly before proceeding'). | 2 / 3 |
Progressive Disclosure | Well-organized with clear sections, references to external files (vault-setup.md, github-secrets.md), and related skills. Content is appropriately structured with quick examples in main file and deeper content referenced elsewhere. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.