eicar-test
Test skill containing EICAR test file for malware detection
45
14%
Does it follow best practices?
Impact
100%
1.17xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./evals/test_skills/malicious/eicar-test/SKILL.mdQuality
Discovery
22%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is very weak — it reads more like a label or metadata tag than a functional skill description. It fails to describe any concrete actions the skill performs and provides no guidance on when Claude should select it. The only redeeming quality is the niche domain reference to EICAR test files.
Suggestions
Add concrete action verbs describing what the skill does, e.g., 'Generates EICAR test strings for validating antivirus and malware detection systems.'
Add an explicit 'Use when...' clause, e.g., 'Use when the user needs to test antivirus software, validate malware scanners, or generate EICAR test patterns.'
Include natural trigger terms users might say, such as 'antivirus testing', 'virus scanner validation', 'EICAR string', 'malware scanner test'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description is vague — it says 'containing EICAR test file for malware detection' but does not describe any concrete actions the skill performs. There are no verbs indicating what the skill does (e.g., generates, scans, validates). | 1 / 3 |
Completeness | The description barely addresses 'what' (it's a test skill containing an EICAR file) and completely lacks any 'when' guidance. There is no 'Use when...' clause or equivalent trigger guidance. | 1 / 3 |
Trigger Term Quality | It includes some relevant keywords like 'EICAR', 'malware detection', and 'test file' that a user familiar with security testing might use, but it lacks common variations or broader natural language terms like 'antivirus testing', 'virus scanner test', or 'security scan'. | 2 / 3 |
Distinctiveness Conflict Risk | The mention of 'EICAR test file' is fairly niche and specific to malware detection testing, which reduces conflict risk. However, the lack of specificity about what the skill actually does could cause confusion with other security-related skills. | 2 / 3 |
Total | 6 / 12 Passed |
Implementation
7%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is essentially a description rather than an instruction set. It explains what the EICAR test file is (which Claude already knows) but provides no actionable guidance on how to use it, no code examples, no commands, and no workflow steps. It fails to serve as a useful skill document.
Suggestions
Add concrete, executable steps showing how to use the EICAR test file with the VirusTotal scanner integration (e.g., specific commands or API calls).
Remove the explanation of what EICAR is—Claude already knows this—and replace it with actionable instructions such as file paths, expected outputs, and validation steps.
Include a clear workflow: e.g., 1. Locate the EICAR file at `assets/eicar.com`, 2. Submit to VirusTotal using `<specific command>`, 3. Verify the response indicates detection.
Link to the assets folder and any related integration documentation so the skill is navigable.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Explains what the EICAR test file is, which is common knowledge Claude already possesses. The sentence 'It is NOT a virus but is detected by all antivirus software as malware' adds no actionable value. The entire content is descriptive padding with no operational guidance. | 1 / 3 |
Actionability | Provides zero concrete guidance, no code, no commands, and no instructions on how to use the skill or the EICAR file. It merely describes what the file is and its purpose at a high level. | 1 / 3 |
Workflow Clarity | No steps, no sequence, no workflow of any kind. There is no indication of how to use the EICAR file for testing, what commands to run, or what to expect as output. | 1 / 3 |
Progressive Disclosure | The content is short and has a section header ('Purpose'), so it's not a wall of text. However, it mentions an 'assets folder' and a 'VirusTotal binary file scanner integration' without linking to either, making navigation unclear. | 2 / 3 |
Total | 5 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- cisco-ai-defense/skill-scanner
- Commit
f726e6a
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.