VPS security auditing and hardening
54
43%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./src/skills/bundled/harden/SKILL.md
Quality
Discovery
22%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is too terse and vague to effectively guide skill selection. It names a domain but lacks concrete actions, natural trigger term variations, and any explicit 'Use when...' guidance. It would benefit significantly from listing specific capabilities and adding trigger conditions.
Suggestions
Add specific concrete actions such as 'Checks firewall configurations, audits SSH settings, reviews user permissions, identifies open ports, configures fail2ban, disables root login'.
Add an explicit 'Use when...' clause, e.g., 'Use when the user asks about securing a VPS, server hardening, Linux security audit, firewall setup, or SSH configuration'.
Include natural trigger term variations like 'server security', 'Linux hardening', 'firewall rules', 'SSH lockdown', 'vulnerability check', and 'server audit'.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | The description names a domain ('VPS security') and two abstract actions ('auditing' and 'hardening'), but does not list any concrete specific actions like checking firewall rules, configuring SSH, disabling root login, etc. | 1 / 3 |
| Completeness | The description weakly addresses 'what' (auditing and hardening) but completely lacks any 'when' clause or explicit trigger guidance, which per the rubric caps completeness at 2 at best—and since the 'what' is also vague, it scores a 1. | 1 / 3 |
| Trigger Term Quality | 'VPS', 'security', 'auditing', and 'hardening' are relevant keywords a user might use, but it misses common variations like 'server security', 'firewall', 'SSH', 'Linux server', 'vulnerability scan', or 'server lockdown'. | 2 / 3 |
| Distinctiveness Conflict Risk | 'VPS security' is somewhat specific and narrows the domain, but 'auditing and hardening' could overlap with general security skills, Linux administration skills, or compliance-related skills. | 2 / 3 |
| Total | 6 / 12 Passed | |
Implementation
64%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill is well-organized and concise, with clear command structures and a useful security checks reference table. However, it lacks executable implementation details (actual SSH commands, scripts, or code) that Claude would need to perform these operations, and, critically, it is missing validation/rollback steps for operations that could lock users out of their servers.
Suggestions
Add executable code or SSH command sequences for each operation (e.g., the actual `ufw` commands, `sshd_config` edits, `apt` commands) so Claude can perform the hardening rather than just knowing the command interface.
Add explicit validation checkpoints after risky operations—especially 'verify SSH access still works before closing current session' after SSH config changes and firewall enablement.
Include a rollback/recovery section for when hardening steps go wrong (e.g., firewall locks out the user), since these are destructive operations on remote servers.
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The content is lean and well-structured. No unnecessary explanations of what SSH, firewalls, or fail2ban are. Every section earns its place with tables and concise bullet points. | 3 / 3 |
| Actionability | The commands and options are clearly specified, but there's no actual executable code showing how these commands are implemented—no SSH commands, no bash scripts, no Python code. It describes what the commands do but doesn't show the underlying implementation Claude would need to execute them. | 2 / 3 |
| Workflow Clarity | The commands imply a workflow (audit → fix → report), and the emergency command has a clear sequence. However, there are no explicit validation checkpoints or feedback loops—e.g., no 'verify SSH still works after changing config' step, which is critical for destructive/lockout-risk operations like firewall and SSH hardening. | 2 / 3 |
| Progressive Disclosure | The content is reasonably organized with clear sections and tables, but everything is in one file with no references to deeper documentation. The security checks table and fix details could benefit from linking to more detailed guides for each hardening area. | 2 / 3 |
| Total | 9 / 12 Passed | |
Validation
90%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 10 / 11 Passed | |
e71a5f6