Automated compliance checking against CIS, PCI-DSS, HIPAA, and SOC 2 benchmarks
Install with Tessl CLI:

`npx tessl i github:boisenoise/skills-collections --skill aws-compliance-checker`

Overall score: 62%
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
`npx tessl skill review --optimize ./path/to/skill`
Discovery: 40%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description identifies a clear compliance-checking domain with specific framework names, which gives it good distinctiveness. However, it lacks concrete action verbs describing what the skill actually does beyond 'checking', and, critically, it is missing explicit trigger guidance ('Use when...'), which significantly limits Claude's ability to know when to select this skill.
Suggestions
- Add a 'Use when...' clause with trigger terms like 'compliance audit', 'security assessment', 'regulatory check', or when users mention specific frameworks
- Expand the action verbs to describe concrete capabilities like 'scans configurations, generates compliance reports, identifies violations, recommends remediation steps'
- Include common user phrases like 'security audit', 'compliance scan', 'benchmark assessment', 'regulatory requirements'
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Names the domain (compliance checking) and lists specific frameworks (CIS, PCI-DSS, HIPAA, SOC 2), but doesn't describe concrete actions beyond 'checking'; it does not say what it checks, whether it generates reports, identifies violations, etc. | 2 / 3 |
| Completeness | Describes what it does (compliance checking against benchmarks) but completely lacks a 'Use when...' clause or any explicit trigger guidance for when Claude should select this skill. | 1 / 3 |
| Trigger Term Quality | Includes good compliance framework names (CIS, PCI-DSS, HIPAA, SOC 2) that users would mention, but is missing common variations like 'security audit', 'compliance scan', 'security standards', 'regulatory compliance', or 'benchmark assessment'. | 2 / 3 |
| Distinctiveness Conflict Risk | The specific compliance frameworks (CIS, PCI-DSS, HIPAA, SOC 2) create a clear niche that is unlikely to conflict with other skills; these are distinct regulatory/security standards. | 3 / 3 |
| Total | | 8 / 12 Passed |
Implementation: 65%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides comprehensive, executable compliance checking scripts across multiple frameworks (CIS, PCI-DSS, HIPAA). The actionability is strong with real bash and Python code. However, the skill is overly long for a single file, lacks remediation workflows, and includes some filler content that doesn't add operational value.
Suggestions
- Add explicit remediation steps or feedback loops after each check category (e.g., 'If SSH open to 0.0.0.0/0, restrict to specific CIDR ranges')
- Split framework-specific checks into separate referenced files (e.g., CIS.md, PCI-DSS.md, HIPAA.md) to improve progressive disclosure
- Remove or condense the 'Example Prompts', 'Best Practices', and 'Additional Resources' sections, which add tokens without actionable guidance
- Complete the Python stub functions (run_cis_checks, etc.) or remove them if they're not meant to be executable
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The skill is fairly efficient with executable code examples, but includes some unnecessary sections like 'Example Prompts' and 'Best Practices' that add bulk without critical value. The framework descriptions at the top could be trimmed. | 2 / 3 |
| Actionability | Provides fully executable bash scripts and Python code that can be run directly. Commands are specific, complete, and copy-paste ready with clear output formatting. | 3 / 3 |
| Workflow Clarity | Scripts are well-organized by compliance domain (IAM, Logging, Networking), but lack explicit validation checkpoints or error recovery guidance. No feedback loops for handling failed checks or remediation steps. | 2 / 3 |
| Progressive Disclosure | Content is organized into logical sections, but the file is monolithic at ~400 lines. The Python reporting framework stubs (run_cis_checks returning an empty list) should either be complete or reference external files. External links are provided, but the internal structure could benefit from splitting. | 2 / 3 |
| Total | | 9 / 12 Passed |
Validation: 82%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| skill_md_line_count | SKILL.md is long (517 lines); consider splitting into references/ and linking | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 9 / 11 Passed | |