credentials
Secure credential management for trading platforms
56
43%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Risky
Do not use without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./src/skills/bundled/credentials/SKILL.mdQuality
Discovery
22%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is too brief and vague to effectively guide skill selection. It lacks concrete actions, explicit trigger conditions, and natural user keywords. The trading platform focus provides minimal distinctiveness but isn't enough to compensate for the missing detail.
Suggestions
Add specific actions like 'Store, retrieve, and rotate API keys and secrets for trading platforms like Binance, Coinbase, or Interactive Brokers'
Include a 'Use when...' clause with trigger terms such as 'API keys', 'trading credentials', 'exchange authentication', 'secrets management'
List common user phrases that would trigger this skill, including platform-specific terms and actions like 'connect to exchange' or 'set up trading API'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses vague language ('secure credential management') without listing any concrete actions. It doesn't specify what operations are performed (e.g., store, retrieve, rotate, encrypt credentials). | 1 / 3 |
Completeness | Only weakly addresses 'what' (credential management) and completely lacks any 'when' guidance. No 'Use when...' clause or explicit trigger conditions are provided. | 1 / 3 |
Trigger Term Quality | Contains some relevant keywords ('credential', 'trading platforms') but misses common variations users might say like 'API keys', 'secrets', 'passwords', 'authentication', or specific platform names. | 2 / 3 |
Distinctiveness Conflict Risk | The 'trading platforms' qualifier provides some specificity, but 'credential management' is generic enough to potentially conflict with other security or authentication-related skills. | 2 / 3 |
Total | 6 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides comprehensive, actionable API documentation with excellent code examples and clear command references. However, it's overly long for a SKILL.md file and lacks explicit workflow validation steps for the credential management lifecycle. The content would benefit from being split into a quick-start overview and a separate detailed API reference.
Suggestions
Add an explicit workflow section showing the full credential lifecycle: add → test → verify success → use, with validation checkpoints and error recovery steps
Split the detailed TypeScript API reference into a separate REFERENCE.md file, keeping only quick-start examples in SKILL.md
Remove the security features table describing standard practices (AES-256-GCM, no logging) that Claude already understands
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is mostly efficient with good use of tables and code examples, but includes some unnecessary elements like the 'Military-grade encryption' marketing language and the security features table which describes standard practices Claude would know. | 2 / 3 |
Actionability | Excellent actionability with fully executable TypeScript code examples, specific chat commands, and copy-paste ready snippets for all operations including credential setup, retrieval, testing, and cooldown management. | 3 / 3 |
Workflow Clarity | While individual operations are clear, there's no explicit workflow for the full credential lifecycle (add → test → use → rotate). The 'Best Practices' section mentions testing after adding but doesn't integrate this into a validated workflow with error recovery steps. | 2 / 3 |
Progressive Disclosure | Content is well-organized with clear sections, but this is a monolithic 200+ line file that could benefit from splitting the full TypeScript API reference into a separate file, keeping SKILL.md as a quick reference with chat commands and basic examples. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- alsk1992/CloddsBot
- Commit
2a8c94e
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.