aws-secrets-rotation
Automate AWS secrets rotation for RDS, API keys, and credentials
Install with Tessl CLI
npx tessl i github:boisenoise/skills-collections --skill aws-secrets-rotation72
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
50%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description effectively communicates specific AWS secrets management capabilities with good domain specificity. However, it critically lacks explicit trigger guidance ('Use when...') which would help Claude know when to select this skill. The trigger terms are decent but could include more user-natural variations.
Suggestions
Add a 'Use when...' clause with trigger scenarios like 'Use when the user needs to rotate database passwords, manage AWS Secrets Manager, or automate credential lifecycle'
Include additional natural trigger terms users might say: 'rotate secrets', 'AWS Secrets Manager', 'password rotation', 'credential management', 'secret lifecycle'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'AWS secrets rotation' for 'RDS, API keys, and credentials' - these are distinct, concrete capabilities rather than vague language. | 3 / 3 |
Completeness | Only answers 'what' (automate secrets rotation) but completely lacks a 'Use when...' clause or any explicit trigger guidance for when Claude should select this skill. | 1 / 3 |
Trigger Term Quality | Includes good keywords like 'AWS', 'secrets rotation', 'RDS', 'API keys', 'credentials', but missing common variations users might say like 'rotate secrets', 'secret manager', 'password rotation', or 'AWS Secrets Manager'. | 2 / 3 |
Distinctiveness Conflict Risk | Clear niche with distinct AWS-specific triggers (RDS, secrets rotation, credentials); unlikely to conflict with generic document or code skills due to specific AWS/security domain focus. | 3 / 3 |
Total | 9 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, actionable skill with excellent executable code examples covering the full secrets rotation lifecycle. The four-step Lambda rotation workflow is clearly documented with proper validation. However, the document is lengthy and could be more concise by removing sections Claude doesn't need (like 'When to Use' and 'Example Prompts') and splitting detailed implementations into separate files.
Suggestions
Remove the 'When to Use', 'Example Prompts', and 'Kiro CLI Integration' sections as they don't add actionable value for Claude
Consider splitting the Lambda rotation functions and compliance scripts into separate reference files (e.g., LAMBDA_TEMPLATES.md, COMPLIANCE.md) with brief summaries in the main skill
Consolidate the 'Supported Secret Types' into a more compact format or remove it entirely since the examples make the supported types clear
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is comprehensive but includes some unnecessary verbosity. The 'When to Use' section and 'Example Prompts' sections add little value for Claude. The supported secret types list could be more compact, and some code comments are redundant. | 2 / 3 |
Actionability | Excellent executable code throughout - complete bash commands, Python Lambda functions, Node.js SDK examples, and audit scripts are all copy-paste ready with realistic parameters and proper error handling. | 3 / 3 |
Workflow Clarity | The Lambda rotation function clearly shows the four-step rotation workflow (createSecret → setSecret → testSecret → finishSecret) with explicit validation in the testSecret step. The audit script and compliance report provide verification checkpoints. | 3 / 3 |
Progressive Disclosure | Content is well-organized with clear sections, but this is a monolithic document that could benefit from splitting detailed Lambda code and compliance scripts into separate reference files. The 'Additional Resources' section provides external links but internal progressive disclosure is lacking. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.