secops-setup-antigravity
Helps the user configure the Google SecOps Remote MCP Server for Antigravity. Use this when the user asks to "set up" or "configure" the security tools for Antigravity.
75
62%
Does it follow best practices?
Impact
100%
1.53xAverage score across 3 eval scenarios
Risky
Do not use without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./extensions/google-secops/skills/setup-antigravity/SKILL.mdQuality
Discovery
75%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description has good completeness with an explicit 'Use when' clause and is highly distinctive due to its specific product focus. However, it lacks specificity in the concrete actions involved in configuration and could benefit from more natural trigger term variations that users might use when seeking this skill.
Suggestions
Add specific concrete actions involved in configuration, e.g., 'Configures authentication credentials, sets up API endpoints, and defines alert forwarding rules for the Google SecOps Remote MCP Server.'
Expand trigger terms to include variations like 'Google SecOps', 'MCP server', 'security operations', 'SIEM setup', or 'SecOps integration' to improve matching.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description names the domain ('Google SecOps Remote MCP Server for Antigravity') and a general action ('configure'), but does not list multiple specific concrete actions like setting up authentication, defining endpoints, or configuring alert rules. | 2 / 3 |
Completeness | The description answers both 'what does this do' (helps configure the Google SecOps Remote MCP Server for Antigravity) and 'when should Claude use it' with an explicit 'Use this when...' clause specifying trigger conditions. | 3 / 3 |
Trigger Term Quality | Includes some natural trigger terms like 'set up', 'configure', 'security tools', and 'Antigravity', but misses common variations users might say such as 'Google SecOps', 'MCP server', 'remote server setup', 'security operations', or 'SIEM'. | 2 / 3 |
Distinctiveness Conflict Risk | The description is highly specific to a particular product combination (Google SecOps Remote MCP Server + Antigravity), making it very unlikely to conflict with other skills. The niche is clearly defined. | 3 / 3 |
Total | 10 / 12 Passed |
Implementation
50%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides a reasonable walkthrough for configuring the Google SecOps Remote MCP Server, with clear prerequisite checks and a logical flow. However, it lacks validation/backup steps for the destructive config merge operation, and the actionability is weakened by describing the merge logic abstractly rather than providing executable code or a concrete example of the final output.
Suggestions
Add an explicit backup step before modifying mcp_config.json (e.g., 'cp ~/.gemini/antigravity/mcp_config.json ~/.gemini/antigravity/mcp_config.json.bak') and a validation step after writing (e.g., verify JSON is valid with `python -m json.tool`).
Provide a concrete example of the final merged mcp_config.json output so Claude knows exactly what the target state looks like.
Replace the abstract merge description with executable code (Python or jq) that performs the read-merge-write operation, rather than describing it in prose.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Mostly efficient but includes some unnecessary framing ('You are an expert in...') and slightly verbose phrasing in places. The 'Ask:' prompts and option descriptions could be tighter, but overall it doesn't over-explain concepts Claude already knows. | 2 / 3 |
Actionability | Provides concrete bash commands for auth and a clear merge workflow, but key details are incomplete—the template file content isn't shown, the merge logic is described rather than given as executable code, and the token generation step uses shell substitution syntax without showing how to actually execute it and capture the result programmatically. | 2 / 3 |
Workflow Clarity | Steps are sequenced logically (prereqs → config → verify), but there are no validation checkpoints between steps. The merge operation is potentially destructive (overwriting mcp_config.json) yet lacks explicit backup or validation steps—only a post-hoc manual verification is suggested. | 2 / 3 |
Progressive Disclosure | References external files (mcp_config.template.json, .env.example) which is good progressive disclosure, but the references aren't clearly linked and the skill doesn't provide a quick-start summary. The content is reasonably organized into sections but could better signal where to find the referenced files. | 2 / 3 |
Total | 8 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- google/mcp-security
- Commit
c8d73ae
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.