enforcing-password-policies
Configures and enforces password policies on CockroachDB clusters including minimum length, complexity requirements, and hash cost settings. Use when strengthening authentication requirements, setting up password policies for a new cluster, or meeting compliance password standards.
94
92%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted skill description that clearly specifies concrete actions (configuring password policies with specific parameters), includes natural trigger terms users would use, and provides explicit 'Use when' guidance with multiple trigger scenarios. The CockroachDB-specific focus gives it strong distinctiveness with minimal conflict risk.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: configures password policies, enforces them, and specifies particular settings like minimum length, complexity requirements, and hash cost settings. | 3 / 3 |
Completeness | Clearly answers both what ('Configures and enforces password policies on CockroachDB clusters including minimum length, complexity requirements, and hash cost settings') and when ('Use when strengthening authentication requirements, setting up password policies for a new cluster, or meeting compliance password standards'). | 3 / 3 |
Trigger Term Quality | Includes strong natural keywords users would say: 'password policies', 'CockroachDB', 'minimum length', 'complexity requirements', 'authentication requirements', 'compliance password standards', 'hash cost'. These cover a good range of terms a user would naturally use. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche: CockroachDB-specific password policy configuration. The combination of CockroachDB + password policies + specific settings like hash cost makes it very unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, well-structured skill with excellent actionability and workflow clarity. Every step has executable SQL, verification is explicit, and rollback is provided. The main weakness is moderate verbosity — the compliance table, Cloud Console section, password rotation best practices, and some explanatory text could be trimmed to improve token efficiency without losing value.
Suggestions
Condense the compliance framework table since all rows recommend the same thing (12+); a single sentence would suffice.
Consider moving sections 6-7 (existing users, password rotation, Cloud Console vs SQL) to a reference file, as they expand the scope beyond core password policy configuration.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is generally well-structured but includes some unnecessary verbosity. The compliance framework table repeats '12+ recommended' four times, the Cloud Console vs SQL Passwords section and password rotation best practices add bulk that may not be core to the skill's purpose, and some explanations (e.g., what bcrypt hash cost does, what login throttling is) could be trimmed since Claude knows these concepts. | 2 / 3 |
Actionability | Every step includes fully executable SQL commands that are copy-paste ready. The skill provides specific setting names, concrete values, test commands to verify enforcement, and even expected error messages. The troubleshooting section gives actionable diagnostic steps with specific SQL queries. | 3 / 3 |
Workflow Clarity | The workflow is clearly sequenced from checking current settings through configuration, verification, and handling existing users. Step 5 includes explicit validation with test commands and expected outcomes, and there's a clear rollback section. The troubleshooting section provides error recovery guidance. | 3 / 3 |
Progressive Disclosure | The skill has a clear overview structure with well-signaled references to related skills and external documentation. It references a SQL queries file for additional queries, and links to related skills for adjacent concerns (SSO, TLS, security auditing). Content is appropriately organized with the main workflow inline and supplementary material referenced. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- cockroachlabs/cockroachdb-skills
- Commit
84bc1e4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.