eicar-test

Test skill containing EICAR test file for malware detection

1.17x

Quality

14%

Does it follow best practices?

Impact

100%

1.17x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./evals/test_skills/malicious/eicar-test/SKILL.md

Quality

Content

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill is essentially a description rather than an actionable skill. It explains what the EICAR test file is (which Claude already knows) but provides zero instructions on how to use it, no code examples, no commands, and no workflow for testing the VirusTotal integration it mentions. It fails on nearly every dimension of the rubric.

Suggestions

Add concrete, executable steps for how to use the EICAR test file with the VirusTotal binary file scanner (e.g., specific commands or API calls).

Remove the explanatory text about what EICAR is and replace it with actionable instructions — Claude already knows what EICAR test files are.

Include the actual asset file path and provide a clear workflow: e.g., 1. Locate the EICAR file, 2. Submit to VirusTotal, 3. Validate the detection result.

If the assets folder contains supporting files, reference them explicitly with relative paths so Claude can locate and use them.

Dimension	Reasoning	Score
Conciseness	The content explains what the EICAR test file is and what it does — information Claude already knows. The sentence 'It is NOT a virus but is detected by all antivirus software as malware' is unnecessary context padding. The entire body is descriptive rather than instructional.	1 / 3
Actionability	There are no concrete instructions, commands, code examples, or executable guidance. The skill merely describes what the EICAR file is and states a vague purpose without telling Claude what to do with it or how to use it.	1 / 3
Workflow Clarity	There is no workflow, no steps, no sequence of actions, and no validation checkpoints. The skill provides no guidance on how to actually perform the testing task it describes.	1 / 3
Progressive Disclosure	The content is short and has some section structure (heading + Purpose section), but it mentions an 'assets folder' without linking to it or providing any file references. No bundle files are provided to support the referenced assets.	2 / 3
	Total	5 / 12 Passed

Description

22%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This description is very weak — it reads more like a label or file inventory note than a functional skill description. It fails to describe concrete actions the skill performs and completely lacks a 'Use when...' clause, making it difficult for Claude to know when to select this skill.

Suggestions

Add concrete action verbs describing what the skill does, e.g., 'Generates EICAR test strings for validating antivirus and malware detection configurations.'

Add an explicit 'Use when...' clause, e.g., 'Use when the user needs to test antivirus software, validate malware detection pipelines, or generate EICAR test patterns.'

Include natural trigger term variations such as 'antivirus testing', 'virus scanner validation', 'security test file', 'EICAR string' to improve discoverability.

Dimension	Reasoning	Score
Specificity	The description is vague — it says 'containing EICAR test file for malware detection' but does not describe any concrete actions the skill performs. There are no verbs indicating what the skill does (e.g., generates, scans, validates).	1 / 3
Completeness	The description weakly addresses 'what' (contains an EICAR test file) but does not explain what the skill actually does with it, and there is no 'when' clause or explicit trigger guidance at all.	1 / 3
Trigger Term Quality	It includes some relevant keywords like 'EICAR', 'malware detection', and 'test file' that a user familiar with security testing might use, but it lacks common variations or broader natural language terms users might say (e.g., 'antivirus test', 'virus scanner test', 'security testing').	2 / 3
Distinctiveness Conflict Risk	The mention of 'EICAR test file' is fairly niche and unlikely to conflict with most other skills, but the lack of specificity about what the skill does could cause confusion with other security-related skills.	2 / 3
	Total	6 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: cisco-ai-defense/skill-scanner
Commit: ff708ea

Reviewed: about 1 month ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.