api-key-manager
Api Key Manager - Auto-activating skill for Security Fundamentals. Triggers on: api key manager, api key manager Part of the Security Fundamentals skill category.
Install with Tessl CLI
npx tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill api-key-managerOverall
score
17%
Does it follow best practices?
Validation for skill structure
Activation
0%This description is severely deficient across all dimensions. It provides only a skill name and category without any explanation of capabilities, concrete actions, or meaningful trigger guidance. The repeated trigger term and boilerplate structure suggest auto-generated content that fails to communicate the skill's purpose.
Suggestions
Add specific actions the skill performs (e.g., 'Securely stores, retrieves, and rotates API keys and credentials. Manages environment variables and secrets.')
Include a 'Use when...' clause with natural trigger terms like 'store api key', 'manage secrets', 'credentials', 'environment variables', '.env files', 'rotate keys'
Describe the specific security context to distinguish from other security skills (e.g., credential management vs. vulnerability scanning vs. authentication)
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. 'Api Key Manager' is just a name, and 'Auto-activating skill for Security Fundamentals' provides no information about what the skill actually does. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no explanation of capabilities and no meaningful usage guidance beyond the redundant trigger phrase. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'api key manager' repeated twice, which is the skill name itself rather than natural user language. Missing terms users would actually say like 'store api key', 'manage secrets', 'rotate credentials', etc. | 1 / 3 |
Distinctiveness Conflict Risk | The description is too vague to be distinctive. 'Security Fundamentals' is generic, and without knowing what the skill actually does, it could conflict with any security-related skill. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
0%This skill content is entirely boilerplate with no actual substance about API key management. It describes what the skill claims to do but provides zero actionable guidance, code examples, security practices, or concrete instructions. The content would be identical if you replaced 'api key manager' with any other topic.
Suggestions
Add concrete code examples showing secure API key storage patterns (e.g., environment variables, secrets managers, encrypted config files)
Include specific security practices: key rotation procedures, avoiding hardcoded keys, secure transmission methods
Provide a clear workflow for API key lifecycle management: generation, storage, rotation, revocation
Add validation steps and common pitfalls to avoid (e.g., committing keys to version control, logging keys)
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic boilerplate that explains nothing specific about API key management. Phrases like 'provides automated assistance' and 'follows industry best practices' are filler that Claude doesn't need. | 1 / 3 |
Actionability | No concrete code, commands, or specific guidance is provided. The skill describes what it does abstractly ('provides step-by-step guidance') but never actually provides any guidance on API key management. | 1 / 3 |
Workflow Clarity | No workflow, steps, or process is defined. The content only describes trigger conditions and vague capabilities without any actual instructions for managing API keys. | 1 / 3 |
Progressive Disclosure | The content is a monolithic block of generic text with no structure pointing to detailed materials, no references to related documentation, and no organization of content by complexity or use case. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
69%Validation — 11 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
description_trigger_hint | Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...') | Warning |
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
body_steps | No step-by-step structure detected (no ordered list); consider adding a simple workflow | Warning |
Total | 11 / 16 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.