api-key-manager

Api Key Manager - Auto-activating skill for Security Fundamentals. Triggers on: api key manager, api key manager Part of the Security Fundamentals skill category.

1.08x

Quality

Does it follow best practices?

Impact

92%

1.08x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/api-key-manager/SKILL.md

Evaluation results

100%

API Key System for Developer Platform

Secure API key generation and storage

Criteria

Without context

With context

Cryptographic random generation

100%

Keys hashed at rest

100%

No plaintext key logging

100%

Constant-time comparison

100%

Key prefix or identifier

100%

npm package usage

100%

Production-ready code completeness

100%

Key generation returns once

100%

Step-by-step documentation

100%

Sufficient key entropy

100%

Without context: $0.3751 · 1m 38s · 18 turns · 19 in / 6,077 out tokens

With context: $0.6581 · 2m 24s · 33 turns · 288 in / 9,482 out tokens

100%

API Authentication Middleware for Partner REST API

API key validation middleware and input security

Criteria

Without context

With context

Format validation before lookup

100%

Missing key rejection

100%

Timing-safe comparison

100%

No key in logs

100%

Rate limiting protection

100%

npm package for middleware

100%

Correct HTTP semantics

100%

Production-ready completeness

100%

Key extraction from standard header

100%

Vulnerability notes or OWASP alignment

100%

Without context: $0.4990 · 2m 21s · 26 turns · 27 in / 8,145 out tokens

With context: $0.6010 · 3m 1s · 32 turns · 34 in / 8,333 out tokens

78%

15%

API Key Lifecycle Management for Payment API

API key rotation, expiry, and revocation

Criteria

Without context

With context

Expiry timestamp stored

60%

Rotation creates new key

100%

Grace period overlap

100%

Revocation endpoint or function

100%

Hashing maintained through rotation

Revoked/expired keys distinguishable

50%

100%

npm package usage

No plaintext key persistence

50%

100%

Production-ready completeness

100%

Step-by-step rotation guide

100%

Without context: $0.4197 · 1m 51s · 22 turns · 21 in / 6,492 out tokens

With context: $0.6487 · 2m 57s · 29 turns · 31 in / 10,316 out tokens

Repository: jeremylongshore/claude-code-plugins-plus-skills
Commit: 994edc4

Evaluated: 17 days ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

API Key System for Developer Platform API Authentication Middleware for Partner REST API API Key Lifecycle Management for Payment API

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.