authorization-pundit
Implements policy-based authorization with Pundit for resource access control. Use when adding authorization rules, checking permissions, restricting actions, role-based access, or when user mentions Pundit, policies, authorization, or permissions.
Install with Tessl CLI
npx tessl i github:fernandezbaptiste/rails_ai_agents --skill authorization-pundit85
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted skill description with strong trigger terms and explicit 'Use when' guidance that clearly defines both purpose and activation conditions. The main weakness is that the 'what' portion could be more specific about concrete actions (e.g., creating policy classes, defining permitted attributes, authorizing controller actions). Overall, it should perform well in skill selection scenarios.
Suggestions
Enhance specificity by listing concrete actions like 'create policy classes, define scopes, authorize controller actions, specify permitted attributes'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (Pundit, authorization) and mentions 'policy-based authorization' and 'resource access control', but doesn't list multiple concrete actions like 'create policies', 'define scopes', 'authorize controllers'. | 2 / 3 |
Completeness | Clearly answers both what ('Implements policy-based authorization with Pundit for resource access control') and when ('Use when adding authorization rules, checking permissions, restricting actions, role-based access, or when user mentions Pundit, policies, authorization, or permissions'). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'authorization rules', 'checking permissions', 'restricting actions', 'role-based access', 'Pundit', 'policies', 'authorization', 'permissions' - these are all terms users naturally use when needing this functionality. | 3 / 3 |
Distinctiveness Conflict Risk | Very distinct niche - specifically targets Pundit gem for Ruby/Rails authorization. The explicit mention of 'Pundit' and 'policy-based' clearly distinguishes it from generic permission systems or other authorization approaches. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a solid, actionable skill for Pundit authorization with excellent executable examples and clear TDD workflow. The main weakness is verbosity - the full ApplicationPolicy boilerplate and multiple similar policy variations inflate the token count. The content would benefit from splitting into a concise SKILL.md overview with references to detailed examples.
Suggestions
Remove or significantly condense the full ApplicationPolicy base class - Claude can generate standard Pundit boilerplate
Move advanced sections (Nested Resource Policies, Permitted Attributes, Headless Policies) to a separate ADVANCED.md file with clear references
Consolidate the three policy implementation examples (Basic, Role-Based, Conditions) into one comprehensive example with inline comments for variations
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is comprehensive but includes some redundancy (e.g., full ApplicationPolicy base class that Claude could generate, multiple similar policy examples). The content could be tightened by removing boilerplate that follows obvious conventions. | 2 / 3 |
Actionability | Excellent executable code throughout - complete policy specs, controller implementations, view helpers, and configuration examples. All code is copy-paste ready with realistic patterns for multi-tenant Rails apps. | 3 / 3 |
Workflow Clarity | Clear TDD workflow with explicit checklist, step-by-step progression from spec to implementation to controller integration. The checklist at the end provides validation checkpoints for the authorization implementation process. | 3 / 3 |
Progressive Disclosure | Content is well-organized with clear sections, but it's a monolithic document (~400 lines) that could benefit from splitting advanced topics (nested resources, permitted attributes, headless policies) into separate reference files. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
skill_md_line_count | SKILL.md is long (696 lines); consider splitting into references/ and linking | Warning |
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
Total | 9 / 11 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.