confirm-action
Ask the user to confirm before taking a significant action. Use before containment, remediation, or other impactful operations to ensure analyst approval. Presents options and waits for response.
63
54%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/confirm-action/SKILL.mdQuality
Discovery
67%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a reasonably well-structured description that clearly communicates both purpose and trigger conditions. The main weaknesses are the somewhat vague terminology ('significant action', 'impactful operations') and limited trigger term coverage. The security operations context helps with distinctiveness but could be more explicit.
Suggestions
Add more specific trigger terms users might naturally say, such as 'approve', 'authorize', 'dangerous', 'destructive', or 'irreversible action'
Replace vague phrases like 'significant action' and 'impactful operations' with concrete examples (e.g., 'blocking IPs, isolating hosts, terminating processes, deleting files')
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (security operations) and some actions ('containment, remediation, or other impactful operations'), but 'significant action' and 'impactful operations' remain somewhat vague. The description mentions 'Presents options and waits for response' which adds some specificity. | 2 / 3 |
Completeness | Clearly answers both what ('Ask the user to confirm before taking a significant action', 'Presents options and waits for response') and when ('Use before containment, remediation, or other impactful operations to ensure analyst approval') with explicit trigger guidance. | 3 / 3 |
Trigger Term Quality | Includes relevant terms like 'confirm', 'containment', 'remediation', 'analyst approval', but misses common variations users might say such as 'approve', 'authorization', 'dangerous action', 'destructive', or 'irreversible'. | 2 / 3 |
Distinctiveness Conflict Risk | The confirmation/approval niche is fairly distinct, but 'significant action' and 'impactful operations' are broad enough that this could potentially conflict with other workflow or approval-related skills. The security context (analyst, containment, remediation) helps narrow it somewhat. | 2 / 3 |
Total | 9 / 12 Passed |
Implementation
42%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides a reasonable conceptual framework for confirmation prompts but lacks actionable implementation details. The 'When to Use' guidance is valuable for decision-making, but the skill reads more like documentation of a pattern than executable instructions Claude can follow. The examples illustrate the concept well but don't show how to actually implement the confirmation mechanism.
Suggestions
Add concrete implementation showing how to actually present the confirmation and capture the response (e.g., specific function calls, message formatting, or tool usage patterns)
Include guidance on handling negative responses - what should the workflow do when the user says 'No' or selects 'Monitor Only'?
Provide a complete example showing the confirmation integrated into a calling workflow with decision branching based on USER_RESPONSE
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is reasonably efficient but includes some unnecessary structure like the formal Inputs/Outputs tables and workflow steps for what is essentially a simple confirmation prompt pattern. The 'When to Use' section adds value but could be more compact. | 2 / 3 |
Actionability | The skill describes a confirmation workflow conceptually but provides no executable code, API calls, or concrete implementation. The examples show what confirmations look like but not how to actually implement them - it's descriptive rather than instructive. | 1 / 3 |
Workflow Clarity | The three-step workflow (Present, Wait, Return) is clear but extremely generic. For a skill about confirming before destructive actions, there's no guidance on what happens if the user says no, how to handle timeouts, or how to integrate with the calling workflow. | 2 / 3 |
Progressive Disclosure | For a simple, single-purpose skill under 50 lines, the content is well-organized with clear sections (Inputs, Workflow, Outputs, When to Use, Examples). No external references are needed and the structure is easy to navigate. | 3 / 3 |
Total | 8 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- dandye/ai-runbooks
- Commit
4d132c7
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.