CtrlK
BlogDocsLog inGet started
Tessl Logo

aws-secrets-rotation

Automate AWS secrets rotation for RDS, API keys, and credentials

59

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The skill is highly actionable with executable code and commands, but it is verbose and monolithic, bundling full scripts inline rather than splitting them into reference files. Workflow guidance lacks explicit validation feedback loops for destructive rotation operations.

Suggestions

Move the full Lambda, compliance, and audit scripts into files under scripts/ or references/ and reference them from SKILL.md to improve progressive disclosure and conciseness.

Add an explicit end-to-end rotation workflow with validate→fix→retry checkpoints, especially for destructive RDS password changes.

Tighten inline code by trimming boilerplate and retaining only the rotation-critical logic to reduce token load.

DimensionReasoningScore

Conciseness

The body is mostly concrete code and commands with little concept explanation Claude already knows, but at ~460 lines with several full inline scripts (lambda_rotation.py, api_key_rotation.py, compliance-report.py, audit-rotations.sh) it is verbose and could be tightened or split, matching 'mostly efficient but could be tightened' rather than the lean level above.

2 / 3

Actionability

It provides fully executable AWS CLI commands, complete Lambda rotation functions, and Python/Node SDK and bash examples that are copy-paste ready, matching 'fully executable code/commands; specific examples'; it is not the level below, which expects pseudocode or missing key details.

3 / 3

Workflow Clarity

The Lambda rotation function sequences createSecret/setSecret/testSecret/finishSecret with a testSecret validation checkpoint, but there is no explicit end-to-end validate→fix→retry feedback loop for the destructive password-change operations, capping workflow clarity at 2 per the destructive-operations guideline.

2 / 3

Progressive Disclosure

The body is well-organized with clear sections but is a single monolithic file well over 50 lines with full scripts that could live in separate reference files, and no bundle files are present; this matches 'some structure but content that should be separate is inline' rather than the well-split level above.

2 / 3

Total

9

/

12

Passed

Description

72%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is specific and uses strong natural trigger terms within a clearly distinct niche, but it lacks an explicit 'Use when...' trigger clause, which caps its completeness. Adding a when-to-use phrase would round it out.

Suggestions

Add an explicit trigger clause, e.g. 'Use when rotating AWS secrets, managing RDS/API-key credentials, or meeting rotation compliance policies.'

Broaden the action list beyond 'Automate' to name concrete verbs (e.g. create, rotate, monitor, audit) to lift specificity.

Include common term variations like 'password rotation' or 'key rotation' to strengthen trigger coverage.

DimensionReasoningScore

Specificity

Names the domain and concrete targets ('RDS, API keys, and credentials') but uses a single action verb ('Automate ... rotation') rather than listing multiple distinct concrete actions, so it sits at 'names domain and some actions, not comprehensive' rather than the multi-action level above.

2 / 3

Completeness

The description states what the skill does ('Automate AWS secrets rotation for RDS, API keys, and credentials') but omits any 'Use when...' clause or explicit trigger guidance, so per the judging guideline completeness is capped at 2; it is not a 1 because the 'what' is clearly present, and not a 3 because 'when' is entirely absent.

2 / 3

Trigger Term Quality

'AWS', 'secrets rotation', 'RDS', 'API keys', and 'credentials' are exactly the natural terms a user would say when they need this skill, giving good coverage; it is not the level below, which requires only generic jargon or sparse keywords.

3 / 3

Distinctiveness Conflict Risk

'AWS secrets rotation' is a clear, narrow niche with distinct triggers unlikely to conflict with unrelated skills; the generic word 'credentials' introduces minor overlap risk but not enough to drop it to the 'could still overlap' level below.

3 / 3

Total

10

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
boisenoise/skills-collections
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.