CtrlK
BlogDocsLog inGet started
Tessl Logo

memory-safe-migration

Guide secure migration of code from memory-unsafe languages (C, C++, Assembly) to memory-safe languages (Rust, Go, Java, C#, Swift). Use when migrating or rewriting legacy C/C++ code, designing FFI boundaries between safe and unsafe code, writing new modules in existing C/C++ codebases, reviewing mixed-language projects, planning memory safety roadmaps, or when an AI agent is about to generate new C/C++ code that could be written in a memory-safe language instead. Also triggers on CISA/NSA memory safety compliance discussions.

80

Quality

100%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

100%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is a well-structured, actionable migration playbook with a clear decision section, sequenced workflow, validation checkpoints, and anti-patterns, deferring detail to real one-level-deep references. It is concise and assumes Claude's competence throughout.

DimensionReasoningScore

Conciseness

The body is lean — a decision section, a six-step workflow, bulleted rules, and anti-patterns — and assumes Claude's competence without explaining what C, Rust, or FFI are. The only redundancy is a few FFI key rules restated inline alongside the pointer to references/ffi-security.md.

3 / 3

Actionability

Provides an executable command ('python scripts/assess-migration.py --file <source_file>'), named tools (Miri, ASan, clippy, rustfmt, catch_unwind), and concrete copy-pasteable rules such as 'Document every `unsafe` block with a `// SAFETY:` comment'.

3 / 3

Workflow Clarity

Six explicitly sequenced steps with Step 5 'Validate' as an explicit validation checkpoint and checklist, and Step 2 mandating tests-first as a gate before migration begins.

3 / 3

Progressive Disclosure

SKILL.md is an overview pointing via markdown links to four one-level-deep reference files plus one script, all of which exist on disk, keeping detail appropriately split out of the main body.

3 / 3

Total

12

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is precise and trigger-rich, covering what the skill does and exactly when to invoke it with concrete, user-natural language. It occupies a distinct niche with minimal conflict risk. No changes needed.

DimensionReasoningScore

Specificity

Lists multiple concrete actions such as 'Guide secure migration', 'designing FFI boundaries between safe and unsafe code', 'writing new modules in existing C/C++ codebases', and 'reviewing mixed-language projects'.

3 / 3

Completeness

Explicitly answers what ('Guide secure migration of code from memory-unsafe languages... to memory-safe languages') and when via a clear 'Use when...' clause plus 'Also triggers on...'.

3 / 3

Trigger Term Quality

Covers natural terms users would say — 'migrating or rewriting legacy C/C++ code', 'memory safety roadmaps', 'mixed-language projects', and 'CISA/NSA memory safety compliance' — across common phrasings.

3 / 3

Distinctiveness Conflict Risk

A clear niche — memory-safe language migration — anchored by distinct triggers (FFI boundaries, CISA/NSA compliance, MSL selection) unlikely to collide with other skills.

3 / 3

Total

12

/

12

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation16 / 16 Passed

Validation for skill structure

No warnings or errors.

Repository
cosai-oasis/project-codeguard
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.