Content
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The body is highly actionable with concrete tiers, an exact override mechanism, and explicit approval gates, and it is sensibly self-contained for a safety skill. Its main weaknesses are muddled process numbering that conflates exceptions with steps and some ALL-CAPS redundancy that could be tightened.
Suggestions
Restructure <process> so numbered items are only sequential actions; move Examples and Exceptions into clearly labeled sub-lists so the action sequence is unambiguous.
Reduce ALL-CAPS 'MUST'/'CRITICAL' repetition and deduplicate the blast-radius framing between <process> and <hook> to recover token budget.
Consider moving the Threat model table to a reference file if the skill grows, keeping the SKILL.md overview lean.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The body is focused and assumes Claude's competence (no basic-concept explanation), but ALL-CAPS directives and some redundancy between the <process> and <hook> sections, plus an elaborate threat-model table, leave room to tighten. | 2 / 3 |
Actionability | Guidance is concrete and copy-paste ready: specific tiered command examples ('rm -rf /', 'mkfs', 'dd of=/dev/', 'curl | sh'), an exact override token ('Rosetta-AI-reviewed'), and per-tool field lists (Bash command, Write content, Edit new_string, MCP command/sql/query) with precise detection rules. | 3 / 3 |
Workflow Clarity | The override and hard-deny flows are clear sequences with explicit validation/approval checkpoints and a feedback loop, but the top-level <process> muddles examples and exceptions into the step numbering (steps 5-7 are exceptions, not actions), creating sequence ambiguity in a destructive-operation context. | 2 / 3 |
Progressive Disclosure | No bundle files exist and the skill is a single self-contained safety gate; content is well-organized into signaled sections (Two-tier policy, Threat model, Override mechanism, Hard-deny tier) with no nested references, which is appropriate for in-context loading. | 3 / 3 |
Total | 10 / 12 Passed |