close-case-artifact
Close a case or alert with proper reason and documentation. Use when triage determines an alert is FP/BTP or investigation is complete. Requires artifact ID, type, closure reason, and root cause.
88
86%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted skill description that clearly defines its purpose, trigger conditions, and required inputs. It uses appropriate third-person voice, includes domain-specific terminology that users would naturally use, and provides explicit 'Use when' guidance. The description effectively distinguishes itself through security operations-specific language.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists specific concrete actions: 'Close a case or alert', 'proper reason and documentation', and specifies required inputs: 'artifact ID, type, closure reason, and root cause'. | 3 / 3 |
Completeness | Clearly answers both what ('Close a case or alert with proper reason and documentation') and when ('Use when triage determines an alert is FP/BTP or investigation is complete') with explicit trigger conditions. | 3 / 3 |
Trigger Term Quality | Includes natural keywords users would say: 'close', 'case', 'alert', 'triage', 'FP/BTP', 'investigation complete'. These are domain-appropriate terms for security operations workflows. | 3 / 3 |
Distinctiveness Conflict Risk | Clear niche focused on case/alert closure in security operations context. Specific triggers like 'FP/BTP', 'triage', and 'closure reason' make it unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured, concise skill that clearly documents the closure API for cases and alerts. Its main weaknesses are the lack of validation steps after closure (checking CLOSURE_STATUS) and pseudocode-style examples rather than fully executable code. The common closure patterns table adds practical value.
Suggestions
Add a validation step after closure to check CLOSURE_STATUS and handle failures (e.g., 'Step 2: Verify closure succeeded by checking CLOSURE_STATUS == success')
Make code examples fully executable by specifying the language and showing complete usage including how to handle the response
Add error handling guidance for common failure scenarios (invalid root cause, already closed artifact, permission denied)
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is lean and efficient, presenting only necessary information without explaining concepts Claude already knows. Every section serves a clear purpose with no padding or unnecessary context. | 3 / 3 |
Actionability | Provides concrete function calls with clear parameters, but the code blocks are pseudocode-style (no language specified, no imports, not fully executable). The patterns table is helpful but the actual API calls lack complete context. | 2 / 3 |
Workflow Clarity | The workflow has only one step ('Execute Closure') with no validation or error handling. For a closure operation that could fail or have invalid inputs, there's no feedback loop to verify the closure succeeded or handle errors. | 2 / 3 |
Progressive Disclosure | For a skill of this size (~70 lines), the content is well-organized with clear sections (Inputs, Workflow, Outputs, Common Patterns). No external references needed and structure is easy to navigate. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- dandye/ai-runbooks
- Commit
4d132c7
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.