anti-reversing-techniques
AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.
28
11%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/antigravity-anti-reversing-techniques/SKILL.mdQuality
Discovery
0%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a legal/authorization disclaimer rather than a functional skill description. It provides no information about what the skill does, what actions it performs, or when Claude should select it. It is entirely unsuitable for skill selection among a set of available skills.
Suggestions
Replace the disclaimer text with a concrete description of what the skill does, e.g., 'Performs penetration testing analysis on web applications, identifies common vulnerabilities such as XSS and SQL injection.'
Add an explicit 'Use when...' clause with natural trigger terms that users would say, e.g., 'Use when the user asks about security testing, vulnerability scanning, or penetration testing.'
Move the authorization disclaimer to the skill body rather than the description field, which should be reserved for capability and trigger information.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. It mentions 'bypass or analysis' in passing but does not describe what the skill actually does. The text is a disclaimer/warning rather than a capability description. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it.' There is no 'Use when...' clause, no explanation of capabilities, and the text is entirely a procedural disclaimer rather than a functional description. | 1 / 3 |
Trigger Term Quality | There are no natural user-facing keywords. Terms like 'dual-use security techniques' and 'bypass or analysis' are vague jargon that users would not naturally use to invoke a skill. No actionable trigger terms are present. | 1 / 3 |
Distinctiveness Conflict Risk | The description is so vague that it could apply to virtually any security-related skill. 'Security techniques,' 'bypass,' and 'analysis' are extremely broad and would conflict with many other security-oriented skills. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
22%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is almost entirely a legal disclaimer wrapper around a pointer to an external file. It provides no concrete techniques, tools, commands, or examples in the body itself, making it nearly useless as standalone guidance. The authorization framing is reasonable but overly verbose and repetitive, while the actual instructional content is vague and abstract.
Suggestions
Add at least one concrete, actionable example in the body (e.g., a specific tool command like `strings`, `strace`, or `ghidra` usage for initial triage) so the skill provides value without requiring the external file.
Replace the vague 4-step instructions with a specific workflow including tool choices, validation steps, and decision points (e.g., 'Run `file` and `strings` on the binary → identify packer signatures → if packed, use `upx -d` → verify with `file` again').
Consolidate the repeated authorization guidance—the blockquote, 'Use this skill when', and 'Do not use this skill when' sections all say similar things and could be merged into a single concise section.
Include a brief summary of what's in `resources/implementation-playbook.md` (e.g., a table of contents or key technique categories) so the reader knows what to expect before navigating there.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The authorization disclaimer is lengthy and repeated (once in the blockquote, again in 'Do not use this skill when'). The 'Use this skill when' and 'Do not use this skill when' sections overlap with the disclaimer. However, given the security-sensitive nature, some redundancy is justified. | 2 / 3 |
Actionability | The instructions are entirely abstract and vague: 'Identify protection mechanisms and choose safe analysis methods' provides no concrete techniques, commands, tools, or examples. There is no executable guidance whatsoever—everything substantive is deferred to an external file. | 1 / 3 |
Workflow Clarity | The four numbered steps are high-level platitudes ('Confirm authorization', 'Identify protection mechanisms', 'Document findings') with no specifics, no validation checkpoints, and no feedback loops. For a skill involving potentially destructive or legally sensitive operations, this is insufficient. | 1 / 3 |
Progressive Disclosure | There is a reference to `resources/implementation-playbook.md` which is one level deep and clearly signaled, which is good. However, the SKILL.md itself contains almost no substantive content—it's essentially an empty shell pointing elsewhere, with the overview providing no useful quick-start information. | 2 / 3 |
Total | 6 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- boisenoise/skills-collections
- Commit
636b862
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.