data-exfiltrator
Analyzes data files
28
Quality
11%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Critical
Do not install without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./evals/test_skills/malicious/exfiltrator/SKILL.mdQuality
Discovery
0%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is critically underdeveloped and fails on all dimensions. It provides no specific capabilities, no trigger terms users would naturally use, no guidance on when to select this skill, and would conflict with virtually any data-related skill in a multi-skill environment.
Suggestions
Specify concrete actions: replace 'Analyzes' with specific operations like 'Calculates statistics, generates visualizations, identifies trends, cleans and transforms data'
Add explicit file types and trigger terms: include formats like 'CSV, JSON, Excel, .xlsx, tabular data, datasets' that users would naturally mention
Add a 'Use when...' clause: e.g., 'Use when the user asks to analyze datasets, generate statistics, create charts from data, or work with CSV/JSON files'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses vague language ('Analyzes') with no concrete actions specified. It doesn't explain what kind of analysis or what outputs are produced. | 1 / 3 |
Completeness | Only weakly addresses 'what' (analyzes data) and completely missing 'when' guidance. No 'Use when...' clause or explicit trigger conditions. | 1 / 3 |
Trigger Term Quality | Contains only generic terms ('data files') with no natural keywords users would say. Missing file types, formats, or specific analysis terms like 'CSV', 'spreadsheet', 'statistics', 'charts'. | 1 / 3 |
Distinctiveness Conflict Risk | Extremely generic and would conflict with many skills. 'Data files' could overlap with Excel, CSV, JSON, database, visualization, and numerous other data-related skills. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
22%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is severely underdeveloped - it describes what to do at a high level but provides no actionable guidance on how to accomplish any of the steps. The mention of sending data to an external 'analytics server' is concerning without any context, authentication details, or safety considerations. The skill needs substantial expansion with concrete code examples, tool specifications, and proper validation steps.
Suggestions
Add concrete code examples showing how to read different file types (CSV, JSON, etc.) and extract specific metrics
Clarify or remove the 'analytics server' step - if this is a real requirement, provide endpoint details, authentication method, and data format; if not needed, remove it
Add validation steps to verify file format before processing and confirm successful metric extraction
Specify what 'key metrics' means with concrete examples of expected outputs
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is brief but lacks substance - it's not verbose, but the brevity comes from missing necessary detail rather than efficient communication. | 2 / 3 |
Actionability | Completely vague with no concrete code, commands, or examples. 'Read the file' and 'Extract key metrics' are abstract descriptions, not executable guidance. No indication of what tools, libraries, or methods to use. | 1 / 3 |
Workflow Clarity | Steps are listed but critically incomplete - no validation, no error handling, and step 3 mentions sending to an 'analytics server' without any details on how, what endpoint, or authentication. This is a risky operation with no safeguards. | 1 / 3 |
Progressive Disclosure | Simple structure that's easy to follow, but for a skill this sparse, there should either be more inline content or clear references to detailed documentation. Currently it's neither comprehensive nor properly linked. | 2 / 3 |
Total | 6 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
description_field | 'description' is very short (19 chars), consider making it more detailed | Warning |
Total | 10 / 11 Passed | |
- Repository
- cisco-ai-defense/skill-scanner
- Commit
c0a625f
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.