cx-platform-admin
Use this skill when the user asks "who has access", "audit permissions", "check user roles", "list API keys", "review access controls", "rotate API keys", "create API key", "delete expired keys", "send data keys", "IP allowlist", "IP access restrictions", "check IP whitelist", "add user", "deactivate user", "manage team groups", "user permissions", "role-based access", "manage scopes", "system roles", "API key admin", "team member keys", "group membership", or wants to audit, manage, or configure access controls for a Coralogix account.
52
57%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/cx-platform-admin/SKILL.mdQuality
Discovery
37%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a long list of trigger phrases with no substantive explanation of what the skill actually does. While the trigger term coverage is excellent, the complete absence of capability descriptions makes it impossible for Claude to understand the skill's actual functionality. The description inverts the typical structure — it's all 'when' and no 'what.'
Suggestions
Add a clear opening sentence describing concrete capabilities, e.g., 'Manages Coralogix access controls including listing user roles, rotating and creating API keys, configuring IP allowlists, and auditing permissions.'
Restructure to lead with 'what it does' followed by a 'Use when...' clause, rather than starting with trigger phrases — e.g., 'Audits and manages access controls for Coralogix accounts: user roles, API keys, IP allowlists, team groups, and scopes. Use when...'
Trim the trigger phrase list to the most distinctive terms and consolidate synonyms to reduce verbosity while maintaining coverage.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description lists no concrete actions or capabilities. It only provides trigger phrases and a vague closing clause about auditing/managing/configuring access controls, but never describes what the skill actually does (e.g., 'Lists users and their roles', 'Rotates API keys', 'Manages IP allowlists'). | 1 / 3 |
Completeness | The description answers 'when' extensively with trigger phrases but almost entirely fails to answer 'what does this do.' There is no explanation of the skill's capabilities, outputs, or how it accomplishes tasks. The 'what' is very weak — only implied through the trigger terms. | 1 / 3 |
Trigger Term Quality | The description includes an extensive list of natural trigger phrases that users would actually say, covering permissions auditing, API key management, IP allowlists, user management, role-based access, and group membership. Good coverage of variations. | 3 / 3 |
Distinctiveness Conflict Risk | The mention of 'Coralogix account' provides some distinctiveness, and the access control domain is somewhat specific. However, the broad scope covering API keys, users, IP allowlists, and permissions could overlap with other access management or Coralogix-related skills. | 2 / 3 |
Total | 7 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, actionable skill with excellent workflow clarity and concrete executable commands. Its main weakness is moderate verbosity from duplicated safety warnings across multiple sections and a monolithic structure that could benefit from splitting reference tables into separate files. The destructive operation safety patterns and agent mode detection are particularly well-handled.
Suggestions
Consolidate the duplicated safety warnings (API key deletion risk is stated in Safety Callouts, API Key Rotation, and Key Principles) into a single authoritative location
Consider extracting the full command reference tables into a separate COMMANDS.md file, keeping only the most common commands inline in SKILL.md
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is mostly efficient with well-structured tables and concrete commands, but includes some unnecessary padding like the 'Key Principles' section which restates things already covered (e.g., 'never delete keys without replacement' is stated three times across different sections). The safety callouts section largely duplicates the warning in the API Key Rotation section. | 2 / 3 |
Actionability | Provides fully executable CLI commands with concrete flags, jq pipelines for filtering output, and complete workflows with specific command sequences. The API key rotation workflow and access audit workflow are copy-paste ready with real commands. | 3 / 3 |
Workflow Clarity | The access audit workflow is clearly sequenced in 6 steps with specific commands at each stage. The API key rotation workflow includes explicit validation checkpoints (deploy → verify → only then delete) with a clear warning about the consequences of skipping verification. The destructive operation safety section provides a clear feedback loop for write operations. | 3 / 3 |
Progressive Disclosure | The content is well-organized with clear sections and tables, but it's a fairly long monolithic file with no bundle files to offload detailed reference content. The comprehensive command tables and multiple workflows could benefit from being split into separate reference files, with SKILL.md serving as a concise overview pointing to them. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- coralogix/cx-cli
- Commit
34d6303
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.