credentials

Secure credential management for trading platforms

Quality

40%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Risky

Do not use without reviewing

Optimize this skill with Tessl

npx tessl skill review --optimize ./src/skills/bundled/credentials/SKILL.md

Quality

Content

57%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The skill provides highly actionable, executable TypeScript code and clear chat command syntax for credential management across multiple trading platforms. However, it suffers from being a monolithic API reference dump rather than a well-structured skill with progressive disclosure, and lacks an explicit setup workflow with validation checkpoints. Some content like the security features table and best practices section add little value for Claude.

Suggestions

Split into a concise SKILL.md overview with quick-start examples, and move the full API reference to a separate API_REFERENCE.md file

Add an explicit setup workflow: 1. Generate encryption key → 2. Initialize manager → 3. Set credentials → 4. Test connection → 5. Verify with /creds status

Remove the Security Features table and Best Practices section — these are either marketing language or common knowledge that doesn't help Claude execute tasks

Add error handling examples showing what to do when credential setup fails (e.g., invalid key format, connection timeout)

Dimension	Reasoning	Score
Conciseness	The content is mostly efficient with concrete code examples, but includes some unnecessary padding like 'Military-grade encryption at rest' marketing language, the Security Features table with vague descriptions, and the Best Practices section which states things Claude already knows. The supported platforms table is useful but the security table adds little actionable value.	2 / 3
Actionability	The skill provides fully executable TypeScript code for every operation (set, get, delete, test credentials), concrete chat commands with clear syntax, and platform-specific credential schemas. Code examples are copy-paste ready with realistic parameter values.	3 / 3
Workflow Clarity	The chat commands and API methods are clearly organized by operation type, but there's no explicit workflow sequence for the credential setup process (e.g., generate key → configure → set credentials → test → verify). The cooldown management section shows error handling but there's no overall validation workflow or feedback loop for the setup process.	2 / 3
Progressive Disclosure	This is a monolithic file with ~200 lines of inline API reference that could be split into separate files (e.g., chat commands overview in SKILL.md, full API reference in API.md, platform-specific details in PLATFORMS.md). There are no references to external files and everything is dumped into one document.	1 / 3
	Total	8 / 12 Passed

Description

22%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This description is too terse and vague to be effective for skill selection. It fails to specify concrete actions the skill performs and entirely lacks a 'Use when...' clause, making it difficult for Claude to know when to select it over other skills. The trading platform domain provides some distinctiveness, but the description needs significantly more detail.

Suggestions

Add specific concrete actions such as 'Stores, retrieves, rotates, and encrypts API keys and secrets for trading platform integrations'.

Add an explicit 'Use when...' clause, e.g., 'Use when the user needs to manage API keys, tokens, passwords, or authentication credentials for trading platforms like Binance, Coinbase, or brokerage APIs'.

Include natural trigger terms users would say, such as 'API key', 'secret', 'token', 'password', 'authentication', and names of specific trading platforms.

Dimension	Reasoning	Score
Specificity	The description uses vague language ('secure credential management') without listing any concrete actions like storing, rotating, encrypting, or retrieving credentials.	1 / 3
Completeness	The description weakly addresses 'what' (credential management) but completely lacks any 'when' clause or explicit trigger guidance for when Claude should select this skill.	1 / 3
Trigger Term Quality	It includes some relevant keywords like 'credential', 'trading platforms', and 'secure', but misses common variations users might say such as 'API keys', 'passwords', 'secrets', 'authentication', or specific platform names.	2 / 3
Distinctiveness Conflict Risk	The combination of 'credential management' and 'trading platforms' narrows the domain somewhat, but 'credential management' alone could overlap with general security or secrets management skills.	2 / 3
	Total	6 / 12 Passed

Validation

90%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 10 / 11 Passed

Validation for skill structure

Criteria	Description	Result
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	10 / 11 Passed

Repository: alsk1992/CloddsBot
Commit: e71a5f6

Reviewed: 2 months ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.