common-protocol-enforcement
Enforce Red-Team verification and adversarial protocol audit. Use when verifying tasks, performing self-scans, or checking for protocol violations. Load as composite for all sessions. (triggers: verify done, protocol check, self-scan, pre-write audit, task complete, audit violations, retrospective, scan, red-team)
53
41%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./.github/skills/common/common-protocol-enforcement/SKILL.mdQuality
Discovery
40%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description relies heavily on security/audit jargon without explaining what concrete actions the skill performs. While it includes explicit trigger terms and a 'Use when' clause, the triggers are a mix of overly generic terms ('scan', 'task complete') and niche jargon ('adversarial protocol audit') that don't align well with natural user language. The description would benefit significantly from listing specific, concrete operations.
Suggestions
Replace the vague 'enforce Red-Team verification and adversarial protocol audit' with specific concrete actions, e.g., 'Checks task outputs for protocol violations, scans responses for security policy compliance, and flags adversarial prompt patterns.'
Refine trigger terms to reduce overlap with generic skills — remove overly broad terms like 'task complete' and 'scan', and keep only distinctive terms like 'red-team', 'protocol check', 'audit violations'.
Clarify the 'Use when' clause with more specific scenarios, e.g., 'Use when reviewing completed tasks for security compliance, checking outputs against adversarial attack patterns, or auditing session protocols.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses vague, abstract language like 'enforce Red-Team verification' and 'adversarial protocol audit' without listing concrete actions. What does 'self-scan' actually do? What specific checks are performed? No concrete operations are described. | 1 / 3 |
Completeness | It has a 'Use when...' clause covering when to trigger, and it attempts to describe what it does ('enforce Red-Team verification and adversarial protocol audit'). However, the 'what' is extremely vague — it doesn't explain what concrete actions the skill performs, making the completeness only partial. | 2 / 3 |
Trigger Term Quality | The description includes explicit trigger terms in parentheses (verify done, protocol check, self-scan, pre-write audit, etc.), but these are not natural phrases users would typically say. Terms like 'red-team', 'adversarial protocol audit', and 'pre-write audit' are jargon-heavy and unlikely to match organic user requests. | 2 / 3 |
Distinctiveness Conflict Risk | The 'red-team' and 'adversarial protocol audit' framing gives it some distinctiveness, but terms like 'verify done', 'task complete', and 'retrospective' are very generic and could easily overlap with task management, code review, or general verification skills. | 2 / 3 |
Total | 7 / 12 Passed |
Implementation
42%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides a reasonable framework for adversarial self-verification with identifiable anti-patterns and a two-phase audit workflow. However, it suffers from undefined key concepts (Pre-Write Audit Log is never shown), an empty References section, and lacks concrete examples of what violations look like and how to resolve them. The workflow steps would benefit from explicit feedback loops and validation checkpoints.
Suggestions
Define and show a concrete example of the 'Pre-Write Audit Log' format, since it's referenced as a required artifact but never specified.
Add a concrete before/after example showing a protocol violation detected during the Post-Write Self-Scan and its resolution.
Populate the References section with links to related skills or remove it; currently it signals missing content.
Add explicit re-validation steps after fixes in both workflows (e.g., 'After fix, re-run the Post-Write Self-Scan to confirm the violation is resolved').
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Mostly efficient but includes some unnecessary framing ('guilty until proven innocent', 'P0 CRITICAL') and could be tighter. Some phrases like 'Strict guidelines for adversarial verification' are filler. However, it's not excessively verbose. | 2 / 3 |
Actionability | Provides concrete checklists and specific anti-patterns to look for (local mocks, hardcoded styles, try-catch without error handling), but lacks executable examples. The 'Pre-Write Audit Log' is referenced but never defined or shown. No concrete example of what a passing vs failing audit looks like. | 2 / 3 |
Workflow Clarity | Two workflows are outlined (pre-done verification and post-write self-scan) with clear steps, but they lack explicit validation checkpoints and feedback loops. The post-write scan has a Scan→Match→Fix sequence which is good, but there's no 're-validate after fix' step, and the pre-done checklist doesn't specify what to do if a check fails beyond implicit re-work. | 2 / 3 |
Progressive Disclosure | The References section is completely empty, and the skill references concepts like 'Pre-Write Audit Log', 'Anti-Patterns in all active skills', and 'Project Skill' without linking to any definitions or external files. There's no navigation structure for discovering related content. | 1 / 3 |
Total | 7 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- HoangNguyen0403/agent-skills-standard
- Commit
19a1140
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.