apollo-enterprise-rbac
Enterprise role-based access control for Apollo.io. Use when implementing team permissions, restricting data access, or setting up enterprise security controls. Trigger with phrases like "apollo rbac", "apollo permissions", "apollo roles", "apollo team access", "apollo enterprise security".
80
77%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./plugins/saas-packs/apollo-pack/skills/apollo-enterprise-rbac/SKILL.mdQuality
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a solid skill description that clearly identifies its niche (Apollo.io RBAC), provides explicit trigger guidance, and is highly distinctive. The main weakness is that the specific capabilities could be more concrete—listing actual actions like 'create custom roles', 'configure permission hierarchies', or 'audit access logs' would strengthen the specificity dimension.
Suggestions
Add more concrete actions beyond general phrases like 'implementing team permissions'—specify things like 'create custom roles, configure permission hierarchies, manage seat assignments, audit access controls'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (Apollo.io RBAC) and mentions some actions like 'implementing team permissions', 'restricting data access', and 'setting up enterprise security controls', but these are somewhat general and don't list specific concrete actions like creating roles, assigning permissions to specific resources, or configuring access policies. | 2 / 3 |
Completeness | Clearly answers both 'what' (enterprise role-based access control for Apollo.io) and 'when' (implementing team permissions, restricting data access, setting up enterprise security controls) with explicit trigger phrases provided. | 3 / 3 |
Trigger Term Quality | Includes a good set of natural trigger terms: 'apollo rbac', 'apollo permissions', 'apollo roles', 'apollo team access', 'apollo enterprise security'. These cover common variations a user would naturally say when needing this skill, and the explicit listing of trigger phrases is helpful. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive due to the specific combination of Apollo.io platform and RBAC/enterprise security domain. The trigger terms are all prefixed with 'apollo' which makes conflicts with other skills very unlikely. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured, highly actionable skill with complete, executable TypeScript code for implementing RBAC over Apollo.io's API. Its main weaknesses are verbosity (the full permission matrix and all code inline makes it token-heavy) and the lack of validation/testing checkpoints in the workflow, which is important for a security-focused implementation. The content would benefit from progressive disclosure — keeping the overview and key patterns in SKILL.md while referencing detailed code in separate files.
Suggestions
Add validation checkpoints: include a step to test the middleware with a sample request, verify permission denials work correctly, and confirm the proxy forwards requests properly before deploying.
Move the full permission matrix and detailed code implementations into referenced files (e.g., ROLES.md, MIDDLEWARE.md) and keep only the architecture overview and key patterns in SKILL.md.
Add a quick-start section at the top showing the minimal setup (e.g., 5-10 lines) so Claude can grasp the pattern before diving into the full implementation.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly long with extensive code blocks. The permission matrix is fully spelled out for all 5 roles × 11 permissions, which is verbose but arguably necessary for clarity. Some comments explain things Claude would know (e.g., what Express middleware is), but overall the code is functional rather than padded with explanations. | 2 / 3 |
Actionability | All code is fully executable TypeScript with proper imports, types, and Express patterns. Each step provides copy-paste ready code with clear file paths. The endpoint mapping, middleware, proxy, and admin routes are all concrete and complete. | 3 / 3 |
Workflow Clarity | The five steps are clearly sequenced and logically ordered (define roles → keys → middleware → proxy → admin). However, there are no validation checkpoints — no step to verify the middleware works, test the proxy, or validate the permission matrix. For a security-critical system like RBAC, missing verification/testing steps is a notable gap. | 2 / 3 |
Progressive Disclosure | The skill is a monolithic document with all implementation details inline. The permission matrix alone is ~40 lines that could be referenced externally. The Resources section links to external docs, and there's a 'Next Steps' reference, but the core content would benefit from splitting the full code into separate referenced files with just the overview and key patterns in SKILL.md. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
3e83543
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.