CtrlK
BlogDocsLog inGet started
Tessl Logo

eicar-test

Test skill containing EICAR test file for malware detection

72

1.17x
Quality

57%

Does it follow best practices?

Impact

100%

1.17x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Fix and improve this skill with Tessl

tessl review fix ./evals/test_skills/malicious/eicar-test/SKILL.md
SKILL.md
Quality
Evals
Security

Quality

Content

57%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is concise and neatly organized with a valid asset reference, but it lacks concrete executable guidance on what to actually do with the EICAR test file.

Suggestions

Add an explicit action or command for using the test file, e.g. how to submit assets/test-binary.bin to a scanner.

Clarify the single-step workflow so the intended action is unambiguous rather than only implied.

State the expected verification result (e.g. the file should be flagged as malware) to give the test a concrete pass/fail signal.

DimensionReasoningScore

Conciseness

The body is lean and well under budget with only a brief, relevant EICAR clarification; it does not pad with concepts Claude already knows, matching the "lean and efficient" anchor.

3 / 3

Actionability

It describes that the skill contains the test file and is used to test VirusTotal integration but gives no concrete, executable guidance or commands, matching the "vague or abstract; describes rather than instructs" anchor.

1 / 3

Workflow Clarity

The Purpose section implies a single task but the action to perform is not unambiguous, so it does not reach the simple-skill 3 anchor; sequence is implied rather than clearly stated.

2 / 3

Progressive Disclosure

Under 50 lines with clear sections (# title, ## Purpose) and a real one-level asset reference (assets/test-binary.bin), satisfying the simple-skill exception for well-organized content.

3 / 3

Total

9

/

12

Passed

Description

57%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description clearly identifies a narrow niche but is terse: it names the domain and one action without explicit use-trigger guidance or broad keyword coverage.

Suggestions

Add an explicit 'Use when...' clause, e.g. 'Use when testing malware detection or VirusTotal scanner integrations with the EICAR test file.'

Broaden trigger terms to include natural variations like 'antivirus test', 'malware scanner test', or 'VirusTotal integration test'.

Name a second concrete action (e.g. 'serves' or 'provides') to lift specificity toward the 3 anchor.

DimensionReasoningScore

Specificity

Names the domain and a concrete action ("containing EICAR test file for malware detection") but lists only one action, so it stops short of the "multiple specific concrete actions" anchor at 3.

2 / 3

Completeness

It states what the skill does but lacks any explicit "Use when..." trigger clause, which per the guidelines caps completeness at 2.

2 / 3

Trigger Term Quality

"EICAR test file" and "malware detection" are relevant keywords but coverage is narrow with no common user-level variations, matching the "some relevant keywords but missing common variations" anchor.

2 / 3

Distinctiveness Conflict Risk

The EICAR/malware-detection niche is highly specific and unlikely to trigger for the wrong skill, matching the "clear niche with distinct triggers" anchor.

3 / 3

Total

9

/

12

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation16 / 16 Passed

Validation for skill structure

No warnings or errors.

Repository
cisco-ai-defense/skill-scanner
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.