aws-compliance-checker
Automated compliance checking against CIS, PCI-DSS, HIPAA, and SOC 2 benchmarks
32
27%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/antigravity-aws-compliance-checker/SKILL.mdQuality
Discovery
40%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description identifies a clear niche in compliance checking with specific benchmark frameworks, which provides good distinctiveness. However, it lacks a 'Use when...' clause entirely and doesn't describe concrete actions beyond generic 'checking', making it insufficient for Claude to reliably select this skill in the right contexts.
Suggestions
Add a 'Use when...' clause with trigger terms like 'compliance audit', 'security benchmark', 'regulatory check', 'CIS scan', 'PCI assessment', or 'HIPAA compliance'.
List specific concrete actions such as 'Scans infrastructure configurations, generates compliance reports, identifies policy violations, and recommends remediation steps'.
Include common user-facing synonyms like 'security audit', 'compliance scan', 'regulatory assessment', and 'security posture review' to improve trigger term coverage.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (compliance checking) and lists specific frameworks (CIS, PCI-DSS, HIPAA, SOC 2), but doesn't describe concrete actions beyond 'checking' — e.g., what does it produce? Reports, remediation steps, gap analysis? | 2 / 3 |
Completeness | Describes what it does (compliance checking against benchmarks) but completely lacks a 'Use when...' clause or any explicit trigger guidance for when Claude should select this skill. Per rubric guidelines, missing 'Use when' caps completeness at 2, and the 'what' is also thin, warranting a 1. | 1 / 3 |
Trigger Term Quality | Includes good framework-specific keywords (CIS, PCI-DSS, HIPAA, SOC 2) that users would naturally mention, but misses common variations like 'security audit', 'compliance scan', 'benchmark assessment', 'regulatory compliance', or 'security posture'. | 2 / 3 |
Distinctiveness Conflict Risk | The combination of 'compliance checking' with specific named benchmarks (CIS, PCI-DSS, HIPAA, SOC 2) creates a clear niche that is unlikely to conflict with other skills. | 3 / 3 |
Total | 8 / 12 Passed |
Implementation
14%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is a massive wall of inline scripts with no clear workflow, incomplete implementations (SOC 2 entirely missing, PCI-DSS and reporting stubs), and significant verbosity from listing compliance framework categories Claude already knows. The CIS bash scripts have some genuine value with real AWS CLI commands, but the lack of workflow guidance, validation steps, and content organization severely limits usability.
Suggestions
Split the inline scripts into separate bundle files (e.g., scripts/cis-iam-checks.sh, scripts/pci-checker.py) and reference them from SKILL.md with brief descriptions of what each checks.
Add a clear workflow section: 1) Prerequisites (AWS credentials, permissions needed), 2) Choose framework, 3) Run checks, 4) Review findings, 5) Remediate and re-check — with explicit validation steps.
Remove the 'Supported Frameworks' category listings (Claude knows what CIS/PCI-DSS/HIPAA/SOC2 cover) and replace with a concise table showing which checks are implemented vs. not.
Complete the stub implementations (run_cis_checks, run_pci_checks, run_hipaa_checks returning empty lists) or remove the compliance-report.py until it's functional, and add SOC 2 checks or remove it from the supported list.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Extremely verbose at ~400+ lines. Lists every compliance framework's categories (which Claude already knows), includes massive bash scripts inline, has placeholder functions (run_cis_checks returning empty lists), explains what PCI-DSS and HIPAA stand for, and includes a 'Supported Frameworks' section that just lists well-known compliance domains. The 'Best Practices' and 'Example Prompts' sections add little value. | 1 / 3 |
Actionability | The CIS bash scripts are mostly executable and contain real AWS CLI commands, which is good. However, the PCI-DSS Python checker has incomplete requirements (comments like '# Check for default passwords, etc.'), the compliance-report.py has stub functions returning empty lists, and the HIPAA checker is partial. SOC 2 is listed as supported but has zero implementation. | 2 / 3 |
Workflow Clarity | There is no clear workflow for how to actually use these scripts together. No sequencing of steps, no validation checkpoints, no guidance on what to do when checks fail, no error recovery. The scripts are just dumped as standalone files with no integration guidance. For compliance checking (which can have destructive remediation implications), this lack of workflow is a significant gap. | 1 / 3 |
Progressive Disclosure | Everything is crammed into a single monolithic file with hundreds of lines of inline bash and Python scripts. There are no bundle files, yet the content clearly warrants splitting into separate files per framework (e.g., cis-checks.sh, pci-checker.py, hipaa-checker.sh). The 'Additional Resources' section links to external sites but doesn't organize the skill's own content. | 1 / 3 |
Total | 5 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
skill_md_line_count | SKILL.md is long (522 lines); consider splitting into references/ and linking | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Repository
- boisenoise/skills-collections
- Commit
8ac11ab
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.