arcgis-authentication

Implement authentication with ArcGIS using OAuth 2.0, API keys, and identity management. Use for accessing secured services, portal items, and user-specific content.

Quality

81%

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

Securityby

Risky

Do not use without reviewing

Quality

Discovery

89%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a solid skill description that clearly identifies its niche (ArcGIS authentication) with specific mechanisms and explicit trigger guidance. The main weakness is that the 'what' portion could list more concrete actions beyond 'implement authentication' (e.g., token management, credential storage, session handling). Overall it performs well across most dimensions.

Suggestions

Expand the specific actions beyond 'implement authentication' to include concrete tasks like 'manage tokens, handle credential storage, configure OAuth flows, troubleshoot authentication errors'.

Dimension	Reasoning	Score
Specificity	Names the domain (ArcGIS authentication) and some specific mechanisms (OAuth 2.0, API keys, identity management), but doesn't list multiple concrete actions beyond 'implement authentication'. The use cases mentioned (accessing secured services, portal items, user-specific content) add some specificity but remain somewhat general.	2 / 3
Completeness	Clearly answers both 'what' (implement authentication with ArcGIS using OAuth 2.0, API keys, and identity management) and 'when' ('Use for accessing secured services, portal items, and user-specific content'). The 'Use for...' clause serves as an explicit trigger guidance.	3 / 3
Trigger Term Quality	Includes strong natural keywords users would say: 'authentication', 'ArcGIS', 'OAuth 2.0', 'API keys', 'identity management', 'secured services', 'portal items'. These are terms a developer working with ArcGIS authentication would naturally use.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive due to the specific combination of ArcGIS + authentication + OAuth 2.0. This is a clear niche that is unlikely to conflict with generic authentication skills or other ArcGIS skills focused on mapping/analysis.	3 / 3
	Total	11 / 12 Passed

Implementation

72%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a solid, actionable reference skill for ArcGIS authentication with well-organized sections and executable code examples covering multiple auth methods. Its main weakness is that it reads more as a pattern catalog than a guided workflow, lacking explicit validation checkpoints for the authentication process. Some sections (CORS/proxy, request interceptors) are tangentially related and could be trimmed or moved to separate files to improve conciseness.

Suggestions

Add a brief workflow summary at the top showing the decision tree: API key vs OAuth vs token-based, with guidance on when to use each approach

Add explicit validation steps to the OAuth flow (e.g., 'Verify credential.token is not null before proceeding' or 'Check token expiration and handle refresh')

Dimension	Reasoning	Score
Conciseness	The skill is mostly efficient with executable code examples, but includes some sections that could be tightened (e.g., the Portal User Information section is just property logging, and some patterns like CORS/proxy and request interceptors are general ArcGIS config rather than authentication-specific). The Common Pitfalls section adds good value though.	2 / 3
Actionability	Nearly all guidance is concrete, executable JavaScript code with proper imports. The OAuth flow, API key setup, token management, and enterprise portal configuration are all copy-paste ready with specific class names, methods, and patterns.	3 / 3
Workflow Clarity	The 'Complete OAuth Flow' section shows a reasonable sequence, and the Common Pitfalls section addresses error cases well. However, there's no explicit validation checkpoint workflow (e.g., verify token is valid before proceeding, handle token expiration mid-session), and the overall document reads more as a reference catalog of patterns than a guided workflow.	2 / 3
Progressive Disclosure	The content is well-structured with clear section headers progressing from simple (API keys) to complex (OAuth, enterprise, interceptors). Related skills and reference samples are clearly signaled at the end with one-level-deep references, and the content is appropriately scoped for a single SKILL.md file.	3 / 3
	Total	10 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: SaschaBrunnerCH/arcgis-maps-sdk-js-ai-context
Commit: d84407b

Reviewed: 1 day ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.