CtrlK
BlogDocsLog inGet started
Tessl Logo

repomix-safe-mixer

Safely package codebases with repomix by automatically detecting and removing hardcoded credentials before packing. Use when packaging code for distribution, creating reference packages, or when the user mentions security concerns about sharing code with repomix.

75

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Critical

Do not install without reviewing

SKILL.md
Quality
Evals
Security

Quality

Content

85%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is highly actionable with clear validated workflows and well-structured progressive disclosure pointing to real bundle files. Its main weakness is conciseness: repeated command examples and general-knowledge padding could be trimmed.

Suggestions

Consolidate the repeated safe_pack.py --output/--config examples; show each option once in the Options section and reference it elsewhere instead of re-listing full commands in Integration and Example Workflows.

Trim or remove the Post-Exposure Actions list, which states general security incident-response practices Claude already knows; link out or keep only skill-specific guidance.

Move the inline Detected Secret Types / Common False Positives catalogs fully into references/common_secrets.md, keeping only a brief summary in SKILL.md to reduce duplication with the reference file.

DimensionReasoningScore

Conciseness

The ~310-line body repeats the same safe_pack.py invocations (--output/--config) across Core Workflow, Options, Integration, and Example Workflows, and the Post-Exposure Actions section restates general incident-response practice Claude already knows. It is mostly efficient but could be tightened.

2 / 3

Actionability

Fully executable commands reference real, verified scripts with concrete flags (--output, --config, --exclude, --force, --json) plus a copy-paste before/after env-var example.

3 / 3

Workflow Clarity

The scan → report → block-if-secrets → pack flow includes an explicit 'Verify Cleanup' re-scan checkpoint and exit-code feedback loops (exit 1 blocks commit, 0 allows).

3 / 3

Progressive Disclosure

Overview summarizes detected types inline and signals the one-level-deep reference ('See references/common_secrets.md for complete list'), with scripts externalized as real files and a Resources section for navigation.

3 / 3

Total

11

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is third-person, concise, and clearly states both capability and explicit trigger conditions. It is distinguishable and unlikely to conflict with other skills.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — 'package codebases with repomix', 'detecting and removing hardcoded credentials', 'before packing' — rather than vague language.

3 / 3

Completeness

Explicitly answers both what it does (detect/remove credentials then pack with repomix) and when to use it via an explicit 'Use when…' clause.

3 / 3

Trigger Term Quality

Covers natural user phrasings — 'packaging code for distribution', 'creating reference packages', 'security concerns about sharing code with repomix' — that a user would plausibly say.

3 / 3

Distinctiveness Conflict Risk

A clear repomix-plus-credential-safety niche with repomix-specific triggers makes it unlikely to fire for unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation16 / 16 Passed

Validation for skill structure

No warnings or errors.

Repository
daymade/claude-code-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.