auth0-express
Use when adding authentication to Express.js server-rendered web applications with session management - integrates express-openid-connect for traditional web apps
86
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillEvaluation — 98%
↑ 1.25xAgent success when using this skill
Validation for skill structure
Discovery
72%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description effectively carves out a clear niche for Express.js server-rendered authentication with good trigger terms and low conflict risk. However, it lacks specific concrete actions (what the skill actually does) and reads more like a context statement than a capability description. Adding explicit actions would significantly improve its utility.
Suggestions
Add specific concrete actions like 'configures login/logout routes, handles OAuth callbacks, manages user sessions, protects routes with authentication middleware'
Expand the 'Use when' clause with more explicit triggers like 'when user asks about login, logout, protecting routes, or OpenID Connect setup in Express'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (authentication, Express.js, session management) and mentions integration with express-openid-connect, but doesn't list specific concrete actions like 'configure login routes', 'handle callbacks', or 'manage user sessions'. | 2 / 3 |
Completeness | Has a 'Use when' clause which is good, but the 'what' portion is weak - it describes the context/integration but not the specific actions the skill performs. The 'when' is present but could be more explicit about trigger scenarios. | 2 / 3 |
Trigger Term Quality | Includes strong natural keywords users would say: 'authentication', 'Express.js', 'session management', 'server-rendered', 'web applications', 'traditional web apps', and the specific library name 'express-openid-connect'. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with specific technology stack (Express.js + express-openid-connect), architecture pattern (server-rendered/traditional web apps), and clear differentiation from SPA/API authentication approaches. | 3 / 3 |
Total | 10 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured skill with excellent actionability and progressive disclosure. The workflow is clear and the code examples are immediately usable. Minor verbosity issues (duplicate route example, some explanatory text) prevent a perfect conciseness score, but overall this skill effectively teaches Auth0 Express integration.
Suggestions
Remove the duplicate root route definition in Step 4 - the second one overwrites the first and creates confusion
Trim explanatory comments in code (e.g., '// Don't require auth for all routes') since Claude understands these patterns
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Generally efficient but includes some redundancy (duplicate root route definitions in Step 4, explanatory comments Claude doesn't need). The 'When NOT to Use' section is valuable but could be more compact. | 2 / 3 |
Actionability | Provides fully executable, copy-paste ready code examples with complete imports, configuration, and route definitions. Commands are specific (npm install, openssl rand) and the workflow is immediately implementable. | 3 / 3 |
Workflow Clarity | Clear 5-step numbered workflow with explicit testing step. The Common Mistakes table serves as validation guidance, and the progression from install → configure → implement → test is logical and complete. | 3 / 3 |
Progressive Disclosure | Excellent structure with concise Quick Start in main file and clear one-level-deep references to Setup Guide, Integration Guide, and API Reference. Quick Reference section provides scannable summary without bloating the main content. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.