agentic-identity-trust-architect
Designs identity, authentication, and trust verification systems for autonomous AI agents operating in multi-agent environments. Ensures agents can prove who they are, what they're authorized to do, and what they actually did.
43
30%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./specialized-identity-trust/skills/SKILL.mdQuality
Discovery
32%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description identifies a clear and specialized domain—AI agent identity and authentication in multi-agent systems—but falls short on actionable specificity and completely lacks explicit trigger guidance ('Use when...'). The conceptual framing ('prove who they are') is evocative but doesn't translate into concrete, selectable actions that would help Claude confidently choose this skill from a large pool.
Suggestions
Add an explicit 'Use when...' clause with trigger scenarios, e.g., 'Use when designing agent authentication, agent-to-agent trust, credential management, or identity verification for AI agents in multi-agent systems.'
Replace conceptual language with concrete actions, e.g., 'Designs credential issuance, mutual TLS configurations, capability-based authorization policies, and audit logging for agent actions.'
Include common user-facing keyword variations such as 'agent auth', 'agent credentials', 'zero trust agents', 'digital signatures', or 'agent certificates' to improve trigger term coverage.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description names the domain (AI agent identity/authentication) and mentions some actions ('prove who they are, what they're authorized to do, what they actually did'), but these are more conceptual than concrete actionable tasks. It doesn't list specific deliverables like 'generates JWT tokens, creates certificate chains, implements OAuth flows'. | 2 / 3 |
Completeness | The description answers 'what does this do' reasonably well but completely lacks a 'Use when...' clause or any explicit trigger guidance for when Claude should select this skill. Per the rubric, a missing 'Use when...' clause caps completeness at 2, and since the 'when' is entirely absent (not even implied through scenario descriptions), this scores a 1. | 1 / 3 |
Trigger Term Quality | Includes relevant terms like 'identity', 'authentication', 'trust verification', 'autonomous AI agents', 'multi-agent environments', and 'authorized'. However, it misses common user-facing variations like 'agent auth', 'API keys', 'credentials', 'agent-to-agent trust', 'digital signatures', or 'zero trust'. | 2 / 3 |
Distinctiveness Conflict Risk | The focus on AI agent identity in multi-agent environments is fairly niche, but 'authentication' and 'authorization' are broad terms that could overlap with general security or auth-related skills. The multi-agent AI framing helps distinguish it somewhat but not definitively. | 2 / 3 |
Total | 7 / 12 Passed |
Implementation
27%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is a comprehensive but extremely verbose persona document that reads more like a role-playing prompt than an efficient skill file. While it contains useful code examples and a reasonable workflow structure, it's bloated with personality descriptions, communication style guidance, success metrics, and conceptual explanations that Claude doesn't need. The content would benefit enormously from being cut by 60-70% and split into a concise overview with references to detailed implementation files.
Suggestions
Remove all persona/personality sections ('Your Identity & Memory', 'Communication Style', 'Learning & Memory', 'Success Metrics') — these consume tokens without adding actionable guidance.
Split Advanced Capabilities, code examples, and the JSON schema into separate referenced files (e.g., IDENTITY_SCHEMA.md, TRUST_SCORING.md, DELEGATION.md) and keep SKILL.md as a concise overview with links.
Make code examples fully executable by defining the missing classes (DelegationLink, VerificationResult, PeerVerification) or explicitly noting them as interfaces to implement.
Add explicit error recovery steps in the workflow — e.g., 'If delegation chain verification fails at step N, log the failure, deny the action, and alert the operator with the VerificationResult details.'
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Extremely verbose at ~350+ lines. Extensive sections on 'personality', 'memory', 'communication style', 'learning & memory', and 'success metrics' are persona-building fluff that Claude doesn't need. The skill explains concepts Claude already understands (what zero-trust means, why mutable logs are bad, what delegation is). The 'Your Identity & Memory' and 'Communication Style' sections add no actionable value. | 1 / 3 |
Actionability | The code examples (TrustScorer, DelegationVerifier, EvidenceRecord, PeerVerifier) are reasonably concrete and near-executable, but they rely on undefined classes/methods (DelegationLink, VerificationResult, self.sign, self.append, etc.) making them incomplete pseudocode rather than copy-paste ready. The JSON schema is concrete and useful. The workflow steps mix actionable guidance with vague directives like 'Document the threat model before designing the identity system.' | 2 / 3 |
Workflow Clarity | The 6-step workflow is clearly sequenced and includes testing checkpoints ('Test: can a forged credential pass verification? It must not.'). However, validation steps are implicit rather than explicit commands, and there are no concrete feedback loops for error recovery — just assertions that things 'must not' happen without specifying what to do when they do. For a system involving destructive/high-stakes operations, this caps at 2. | 2 / 3 |
Progressive Disclosure | Everything is in a single monolithic file with no references to external documents. The content includes detailed code examples, advanced capabilities, compliance packaging, post-quantum readiness, and cross-framework federation all inline. Much of this (especially Advanced Capabilities) should be split into separate reference files. There's no navigation structure or signposting to external resources. | 1 / 3 |
Total | 6 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- OpenRoster-ai/awesome-openroster
- Commit
09aef5d
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.