remediation
**CRITICAL**: Use this skill for ALL CVE remediation workflows. DO NOT use individual skills piecemeal for end-to-end remediation. Use when users request: - CVE remediation playbooks or security patch deployment - Multi-step remediation (validation → context → playbook → execution) - Batch remediation across multiple systems or CVEs - End-to-end CVE management (analysis + remediation + verification) - Prioritizing and remediating CVEs (not just listing them) - Emergency security response with immediate remediation plans DO NOT use for simple queries: - "List critical CVEs" → Use `/cve-impact` skill - "What's the CVSS score for CVE-X?" → Use `/cve-impact` or `/cve-validation` - Standalone impact analysis without remediation → Use `/cve-impact` This skill orchestrates 6 specialized skills (cve-impact, cve-validation, system-context, playbook-generator, playbook-executor, remediation-verifier) for complete remediation workflows.
61
73%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./rh-sre/skills/remediation/SKILL.mdQuality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that clearly defines its role as an orchestrator for end-to-end CVE remediation workflows. It excels in all dimensions: specific actions are enumerated, natural trigger terms are abundant, both 'what' and 'when' are explicitly addressed, and the 'DO NOT use for' section with redirects to alternative skills makes it highly distinctive and conflict-resistant.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: CVE remediation playbooks, security patch deployment, multi-step remediation (validation → context → playbook → execution), batch remediation, end-to-end CVE management, and emergency security response. Also names the 6 orchestrated sub-skills. | 3 / 3 |
Completeness | Clearly answers both 'what' (orchestrates 6 specialized skills for complete CVE remediation workflows) and 'when' (explicit 'Use when users request' section with detailed triggers, plus a 'DO NOT use for' section that clarifies boundaries and redirects to other skills). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'CVE remediation', 'security patch deployment', 'batch remediation', 'emergency security response', 'remediation playbooks', 'prioritizing and remediating CVEs'. These are terms a security professional would naturally use. | 3 / 3 |
Distinctiveness Conflict Risk | Exceptionally distinctive with explicit boundary-setting via the 'DO NOT use for' section that redirects simple queries to specific alternative skills (cve-impact, cve-validation). This directly addresses conflict risk with related skills in the same ecosystem. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
47%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured orchestration skill with excellent workflow clarity, explicit validation gates, and strong human-in-the-loop safeguards. However, it suffers significantly from verbosity and repetition—key requirements like user confirmation, sequential execution, and skill invocation rules are restated 3-4 times across different sections. The content would benefit greatly from consolidation, removing redundant sections (e.g., merging Prerequisites/Dependencies/Related Skills, removing the 'Important Reminders' section), and moving detailed reference material to separate files.
Suggestions
Eliminate redundancy by merging the 'Prerequisites', 'Dependencies', and 'Related Skills' sections into a single section, and remove the 'Important Reminders' section since all its points are already covered in the workflow.
Move the 'Error Handling', 'Output Format', and 'MCP Tool Usage' sections to a reference file (e.g., references/02-error-handling.md) to reduce the main skill body to its core workflow.
Remove repeated human-in-the-loop instructions—state the confirmation requirement once at the top and reference it in steps rather than fully restating it in the workflow, the dedicated section, AND the reminders.
Cut explanatory text that Claude can infer (e.g., 'MANDATORY: Use actual Skill tool invocations, NOT text pretending to invoke skills' repeated multiple times; 'If tool use count is 0, you are doing it wrong')—state once concisely.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is extremely verbose at ~250+ lines with significant repetition. The 'When to Use' section duplicates the frontmatter description. Human-in-the-loop requirements are stated in the workflow steps AND repeated in a dedicated section. MCP tool usage notes, error handling, and dependencies all contain redundant information. The 'Important Reminders' section restates things already covered. Many instructions explain obvious orchestration concepts Claude already understands. | 1 / 3 |
Actionability | The skill provides concrete invocation templates for each step (e.g., exact strings to pass to sub-skills) and specific error messages, which is good. However, it's an orchestration skill that delegates everything to sub-skills, so there's no executable code—just string templates for skill invocations. The guidance on what to do at each step is specific but the actual 'how' is deferred to referenced skills, making it partially actionable on its own. | 2 / 3 |
Workflow Clarity | The workflow is exceptionally well-sequenced with 7 clearly numbered steps (0-6), explicit validation gates (remediatable gate at Step 2, user confirmation before Step 5), feedback loops (dry-run → review → execute), and clear stop/continue decision points. The mandatory sequencing constraints are explicitly called out. Error recovery paths are defined for each failure mode. | 3 / 3 |
Progressive Disclosure | The skill references external files appropriately (remediation-plan-template.md, lightspeed-mcp-tool-failures.md, skill-invocation.md, remediation-indicators.md), but the main body itself is a wall of text that could benefit from splitting detailed error handling, output formats, and MCP tool usage notes into reference files. The Dependencies section largely duplicates the Related Skills listed in Prerequisites. No bundle files were provided to verify reference accuracy. | 2 / 3 |
Total | 8 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
metadata_version | 'metadata.version' is missing | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Repository
- RHEcosystemAppEng/agentic-collections
- Commit
27852c0
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.