CtrlK
BlogDocsLog inGet started
Tessl Logo

auth0-aspnetcore-api

Use when protecting ASP.NET Core Web API endpoints with JWT Bearer token validation, scope checks, or DPoP binding. Integrates Auth0.AspNetCore.Authentication.Api for stateless REST APIs receiving access tokens from frontends or mobile apps.

79

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

100%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A well-architected skill body: lean and non-redundant, fully executable, with a numbered workflow that includes an explicit user-confirmation checkpoint and a Common Mistakes recovery table, and clean progressive disclosure into three real reference files. It avoids teaching concepts Claude already knows and keeps everything actionable.

DimensionReasoningScore

Conciseness

The body is lean and assumes Claude's competence: no explanation of what JWT, DPoP, or ASP.NET Core are, and every section earns its tokens with code or a concrete table rather than prose padding.

3 / 3

Actionability

Provides copy-paste-ready executable code throughout — `dotnet add package`, `auth0 apis create`, full Program.cs and endpoint snippets, and concrete curl test commands with exact headers.

3 / 3

Workflow Clarity

The six-step Quick Start is clearly sequenced with a hard validation checkpoint ('STOP — ask the user before proceeding'), and the Common Mistakes table plus explicit middleware-order and Domain-format callouts give error-recovery feedback loops.

3 / 3

Progressive Disclosure

SKILL.md is a concise overview that cleanly offloads depth to three real one-level-deep reference files (setup.md, integration.md, api.md), each clearly signaled with named anchor links and listed again in a Detailed Documentation section.

3 / 3

Total

12

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A strong, concise description that names concrete capabilities, uses a third-person 'Use when' trigger, and carves out a distinct Auth0 ASP.NET Core Web API niche. It cleanly satisfies the what/when and distinctiveness requirements.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — 'JWT Bearer token validation, scope checks, or DPoP binding' — paired with the specific integration library and the stateless-REST-API receiving context.

3 / 3

Completeness

Explicitly answers both 'what' (protecting endpoints via validation/scope checks/DPoP) and 'when' via the leading 'Use when protecting ASP.NET Core Web API endpoints...' clause.

3 / 3

Trigger Term Quality

Uses natural user-facing terms ('JWT Bearer token validation', 'scope checks', 'ASP.NET Core Web API endpoints', 'access tokens') that a developer would actually say, plus the explicit 'Use when' trigger phrasing.

3 / 3

Distinctiveness Conflict Risk

Scoped to Auth0 ASP.NET Core Web API integration with JWT/DPoP, a clear niche that is unlikely to trigger for MVC/SPA/mobile skills, reinforced by the body's 'When NOT to Use' list.

3 / 3

Total

12

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

metadata_field

'metadata' should map string keys to string values

Warning

Total

15

/

16

Passed

Repository
auth0/agent-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.