CtrlK
BlogDocsLog inGet started
Tessl Logo

setup-flows-auth

MUST be used when migrating an existing React app to Flows, or when no Flows auth is wired up. Detects classic vs Apps API flow from `app.json` `infra` field, installs the right packages, and wires up the entry file. No-op when a valid auth setup is already in place. Triggers: migrate to Flows, add Flows auth, DuneAuthProvider, AppSdkAuthProvider, connectToHostApp, useDune, Flows setup, setup auth, missing auth provider, CDF authentication, Fusion iframe auth.

76

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

92%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A highly actionable, concise, well-sequenced setup guide with a solid no-op validation gate. The only gap is progressive disclosure: the two full flow walkthroughs live inline in one long file rather than being split into one-level-deep references.

Suggestions

Move each flow's full vite.config + entry-file/component code into separate reference files (e.g. classic-flow.md, apps-api-flow.md) and keep SKILL.md as a concise overview that links to them one level deep.

Pull the per-plugin explanation bullets (base, mkcert, fusionOpenPlugin, manifestCspPlugin, server.port) into the relevant reference file so the main body stays a tight overview.

If keeping a single file, add a short table-of-contents or quick-start summary at the top so the two flows are navigable without scrolling the full code.

DimensionReasoningScore

Conciseness

The body is lean: domain-specific CDF/Fusion details Claude would not already know, with no padding or re-explanation of basic concepts; every section earns its tokens.

3 / 3

Actionability

Provides fully executable vite configs, complete entry-file and component code, and package-manager-specific install commands (pnpm add / npm install / yarn add) that are copy-paste ready.

3 / 3

Workflow Clarity

A clear five-step sequence with an explicit validation gate in Step 1 (no-op when a valid setup exists) and an "if unsure, leave it and flag" recovery note; not a batch/destructive op so no feedback-loop cap applies.

3 / 3

Progressive Disclosure

A single ~190-line file with substantial inline code for both flows and no bundle/reference files; well-sectioned but not split, and over the 50-line simple-skill exemption that would allow a 3 from organization alone.

2 / 3

Total

11

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A strong, third-person description that states concrete capabilities, an explicit use-when clause, and a rich trigger list with low conflict risk. No meaningful weaknesses to address.

DimensionReasoningScore

Specificity

"Detects classic vs Apps API flow from `app.json` `infra` field, installs the right packages, and wires up the entry file" lists multiple concrete actions, matching the score-3 anchor.

3 / 3

Completeness

Explicit "MUST be used when migrating an existing React app to Flows, or when no Flows auth is wired up" answers when, and the detect/install/wire actions answer what, with explicit triggers.

3 / 3

Trigger Term Quality

The Triggers list spans natural user phrases ("migrate to Flows", "setup auth", "missing auth provider") plus the technical terms a user would actually say, giving good coverage.

3 / 3

Distinctiveness Conflict Risk

The narrow Flows/CDF/Fusion React-auth niche with named providers (DuneAuthProvider, AppSdkAuthProvider) is clearly distinguishable and unlikely to fire for unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

metadata_version

'metadata.version' is missing

Warning

Total

14

/

16

Passed

Repository
cognitedata/builder-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.