secops-setup-gemini
Helps the user configure the Google SecOps Remote MCP Server for Gemini CLI. Use this when the user asks to "set up" or "configure" the security tools for Gemini CLI.
82
73%
Does it follow best practices?
Impact
100%
2.94xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./extensions/google-secops/skills/setup-gemini-cli/SKILL.mdQuality
Discovery
75%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description adequately identifies a clear niche and provides explicit 'when to use' triggers, which are its main strengths. However, it lacks specificity in the concrete actions performed during configuration and could include more natural trigger term variations that users might employ when seeking this functionality.
Suggestions
Add specific concrete actions such as 'generates configuration files, sets API credentials, registers MCP endpoints' to improve specificity.
Expand trigger terms to include variations like 'install', 'connect', 'MCP server', 'SecOps integration', 'remote server setup' to improve keyword coverage.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description names the domain (Google SecOps Remote MCP Server for Gemini CLI) and a general action (configure), but does not list specific concrete actions like 'create config files', 'set API keys', 'register endpoints', etc. | 2 / 3 |
Completeness | The description clearly answers both 'what' (configure the Google SecOps Remote MCP Server for Gemini CLI) and 'when' (when the user asks to 'set up' or 'configure' the security tools for Gemini CLI), with explicit trigger guidance. | 3 / 3 |
Trigger Term Quality | Includes some natural keywords like 'set up', 'configure', 'security tools', 'Gemini CLI', but misses common variations users might say such as 'install', 'connect', 'MCP server setup', 'SecOps integration', 'Google security', or 'remote server'. | 2 / 3 |
Distinctiveness Conflict Risk | The description targets a very specific niche — Google SecOps Remote MCP Server configuration for Gemini CLI — which is unlikely to conflict with other skills due to its highly specific product and tool combination. | 3 / 3 |
Total | 10 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured setup guide with concrete, actionable commands and configuration snippets. Its main weakness is the lack of validation checkpoints and error recovery guidance after the configuration step — the verification section is minimal with no troubleshooting path. The content is mostly concise but could trim the meta-instructions slightly.
Suggestions
Add error recovery guidance in the Verification section: what to do if the test command fails (e.g., check auth, verify PROJECT_ID, confirm config.json syntax).
Add a validation step between configuration and verification, such as instructing Claude to read back the config.json to confirm the entry was added correctly.
Remove the opening 'You are an expert...' line — it wastes tokens on a role declaration that doesn't add actionable value.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Mostly efficient but includes some unnecessary framing ('You are an expert in configuring...') and could be tightened. The instructional prompts like 'Ask if uv is installed' and 'Ask: Have you run...' are meta-instructions to Claude rather than direct content, which adds slight overhead but is reasonable for an interactive setup flow. | 2 / 3 |
Actionability | Provides fully concrete, copy-paste ready commands and configuration JSON. Every step has specific commands (curl for uv install, gcloud auth commands, exact JSON config block, and a verification command). The placeholders are clearly marked. | 3 / 3 |
Workflow Clarity | Steps are clearly sequenced (prerequisites → configuration → verification), but there are no validation checkpoints or error recovery steps. For example, there's no guidance on what to do if the verification command fails, no check that the config.json was properly updated, and no feedback loop for common errors like invalid PROJECT_ID or CUSTOMER_ID. | 2 / 3 |
Progressive Disclosure | For a simple, single-purpose skill under 50 lines with no need for external references, the content is well-organized into clear sections (Prerequisite Checks, Configuration Steps, Verification) with appropriate depth for the task. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- google/mcp-security
- Commit
fb807e9
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.