endor-scan-full

Comprehensive security scan with full reachability analysis. Builds call graphs to determine which vulnerabilities are actually exploitable in your code. Use when the user says "full scan", "deep scan", "reachability scan", "which vulns are actually reachable", "endor scan full", or before a release. Takes 2-5 minutes. Do NOT use for quick daily scans (/endor-scan) or checking individual packages (/endor-check).

Quality

88%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Advisory

Suggest reviewing before use

Quality

Content

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a well-structured, highly actionable skill with clear workflow sequencing and robust error handling. The caching strategy is thoroughly specified with appropriate validation checkpoints. Minor weaknesses include some verbosity in explanatory sections and references to bundle files that weren't provided for verification.

Suggestions

Trim the 'Quick Scan vs Full Scan' comparison table — Claude can infer differences from context; a single sentence distinguishing them would suffice.

Remove the quoted warning block in Step 3 — instead just instruct Claude to inform the user about expected duration, saving tokens on the exact phrasing.

Dimension	Reasoning	Score
Conciseness	Generally efficient but includes some unnecessary elements like the duration warning text (Claude doesn't need to be told to warn users in a quoted block) and the Quick Scan vs Full Scan comparison table which is more informational than instructional. The cache format JSON and priority classification tables earn their place, but some sections could be tightened.	2 / 3
Actionability	Provides concrete MCP tool parameters (path, scan_types, scan_options), a complete CLI fallback command, specific cache file paths, exact JSON cache format, and detailed priority classification rules. The workflow steps are specific and executable with clear tool invocations.	3 / 3
Workflow Clarity	Excellent multi-step workflow with clear sequencing (Steps 1-5), explicit validation checkpoints (check cache before scanning, don't write cache on failure, fetch details after successful scan), error recovery table, and a feedback loop for cache management. The cache-first pattern is well-defined with clear branching logic.	3 / 3
Progressive Disclosure	References to 'references/reachability-tags.md' and 'references/data-sources.md' are well-signaled and one level deep, but no bundle files were provided to verify these exist. The skill itself is moderately long (~120 lines) and some content like the priority classification table and error handling could potentially be split out, though keeping them inline is defensible.	2 / 3
	Total	10 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is an excellent skill description that hits all the marks. It provides specific capabilities (call graph building, reachability analysis), comprehensive trigger terms covering natural user language, explicit 'Use when' and 'Do NOT use' clauses, and clear differentiation from related skills. The inclusion of expected duration (2-5 minutes) and negative boundaries further strengthens its utility for skill selection.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: 'security scan', 'full reachability analysis', 'builds call graphs', 'determine which vulnerabilities are actually exploitable'. These are concrete, well-defined capabilities.	3 / 3
Completeness	Clearly answers both 'what' (comprehensive security scan with reachability analysis, builds call graphs to find exploitable vulnerabilities) and 'when' (explicit 'Use when' clause with multiple trigger phrases). Also includes helpful negative guidance ('Do NOT use for...').	3 / 3
Trigger Term Quality	Excellent coverage of natural trigger terms: 'full scan', 'deep scan', 'reachability scan', 'which vulns are actually reachable', 'endor scan full', 'before a release'. These are phrases users would naturally say.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive with explicit differentiation from related skills (/endor-scan for quick daily scans, /endor-check for individual packages). The negative guidance creates clear boundaries, making it very unlikely to conflict with similar security scanning skills.	3 / 3
	Total	12 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: endorlabs/skills-ideas
Commit: b958adc

Reviewed: about 1 month ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.