cognito

AWS Cognito user authentication and authorization service. Use when setting up user pools, configuring identity pools, implementing OAuth flows, managing user attributes, or integrating with social identity providers.

1.11x

Quality

78%

Does it follow best practices?

Impact

90%

1.11x

Average score across 3 eval scenarios

Securityby

Risky

Do not use without reviewing

Fix and improve this skill with Tessl

tessl review fix ./skills/cognito/SKILL.md

Quality

Content

57%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The skill excels at actionability with complete, executable code examples covering the full Cognito lifecycle. However, it's overly long for a single SKILL.md file, mixing reference material (CLI tables, concept explanations) with operational guidance. It would benefit from splitting into overview + reference files and adding a clear sequential workflow for common setup scenarios.

Suggestions

Extract the CLI Reference tables and Core Concepts section into separate reference files (e.g., CLI_REFERENCE.md, CONCEPTS.md) and link to them from the main skill

Add a clear numbered end-to-end workflow section (e.g., 'Setting up Cognito from scratch: 1. Create pool → 2. Create client → 3. Configure domain → 4. Verify with test sign-up') with validation checkpoints

Remove the Core Concepts section or reduce it to a single-line summary per concept — Claude already understands User Pools, Identity Pools, and OAuth tokens

Add a verification step after user pool creation (e.g., 'Verify: aws cognito-idp describe-user-pool --user-pool-id <id> and confirm settings match expectations')

Dimension	Reasoning	Score
Conciseness	The skill includes some unnecessary explanatory content (Core Concepts section explaining what User Pools and Identity Pools are, which Claude already knows), and the CLI Reference tables are largely redundant since Claude knows AWS CLI commands. However, the code examples themselves are lean and the token table is useful.	2 / 3
Actionability	The skill provides fully executable, copy-paste ready code examples for all major operations: user pool creation, app client setup, sign-up, authentication, token refresh, identity pool creation, credential retrieval, and JWT validation. CLI commands are complete with all necessary flags.	3 / 3
Workflow Clarity	While individual operations are well-documented, there's no clear end-to-end workflow sequencing the steps (create pool → create client → sign up → confirm → authenticate). The troubleshooting section provides some validation guidance, but there are no explicit validation checkpoints or feedback loops in the setup process.	2 / 3
Progressive Disclosure	This is a monolithic wall of content (~300 lines) with no bundle files to offload detail into. The CLI reference tables, detailed troubleshooting, and extensive code examples could be split into separate files. The Table of Contents helps navigation but doesn't compensate for the lack of content separation.	1 / 3
	Total	8 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a well-crafted skill description that clearly identifies the domain (AWS Cognito), lists specific capabilities, and provides explicit trigger conditions. It uses third-person voice, includes natural keywords developers would use, and is distinct enough to avoid conflicts with other authentication or AWS-related skills.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: setting up user pools, configuring identity pools, implementing OAuth flows, managing user attributes, and integrating with social identity providers.	3 / 3
Completeness	Clearly answers both 'what' (AWS Cognito user authentication and authorization service) and 'when' with an explicit 'Use when...' clause listing five specific trigger scenarios.	3 / 3
Trigger Term Quality	Includes strong natural keywords users would say: 'Cognito', 'user pools', 'identity pools', 'OAuth flows', 'user attributes', 'social identity providers'. These cover the main terms a developer would use when seeking help with AWS Cognito.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive with AWS Cognito-specific terminology like 'user pools', 'identity pools', and 'OAuth flows' that clearly distinguish it from generic auth skills or other AWS service skills.	3 / 3
	Total	12 / 12 Passed

Validation

90%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 10 / 11 Passed

Validation for skill structure

Criteria	Description	Result
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	10 / 11 Passed

Repository: itsmostafa/aws-agent-skills
Commit: 4ab904a

Reviewed: about 1 month ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.