Enterprise role-based access control for Apollo.io. Use when implementing team permissions, restricting data access, or setting up enterprise security controls. Trigger with phrases like "apollo rbac", "apollo permissions", "apollo roles", "apollo team access", "apollo enterprise security".
61
73%: Does it follow best practices?
Impact: — (No eval scenarios have been run)
Passed: No known issues
Optimize this skill with Tessl:
npx tessl skill review --optimize ./plugins/saas-packs/apollo-pack/skills/apollo-enterprise-rbac/SKILL.md
Quality
Discovery
89%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a solid skill description that clearly identifies its niche (Apollo.io RBAC), provides explicit trigger terms, and answers both what and when. The main weakness is that the specific capabilities could be more granular—listing concrete actions like creating roles, assigning permissions, or configuring access policies would strengthen the specificity dimension.
Suggestions
Add more specific concrete actions such as 'create custom roles, assign granular permissions, configure team hierarchies, manage API access scopes' to improve specificity.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Names the domain (Apollo.io RBAC) and mentions some actions like 'implementing team permissions', 'restricting data access', and 'setting up enterprise security controls', but these are somewhat general and don't list specific concrete operations (e.g., creating roles, assigning permissions to endpoints, configuring SSO). | 2 / 3 |
| Completeness | Clearly answers both 'what' (enterprise role-based access control for Apollo.io) and 'when' (implementing team permissions, restricting data access, setting up enterprise security controls), with explicit trigger phrases provided. | 3 / 3 |
| Trigger Term Quality | Explicitly lists natural trigger phrases like 'apollo rbac', 'apollo permissions', 'apollo roles', 'apollo team access', 'apollo enterprise security'. These are terms users would naturally use when needing this skill, with good coverage of variations. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive due to the specific combination of Apollo.io and RBAC/enterprise security. The trigger terms are all prefixed with 'apollo', making it very unlikely to conflict with generic permission or security skills. | 3 / 3 |
| Total | 11 / 12 Passed |
Implementation
57%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill provides highly actionable, executable TypeScript code for implementing Apollo RBAC with a clear five-step structure. However, it suffers from poor progressive disclosure—all code is inlined in a single monolithic file rather than being split into referenced bundle files. The workflow also lacks validation checkpoints critical for a security-focused implementation.
Suggestions
Extract the TypeScript code blocks into separate bundle files (e.g., src/rbac/roles.ts, src/rbac/api-keys.ts, etc.) and reference them from SKILL.md with brief descriptions of each file's purpose.
Add explicit validation checkpoints between steps, such as 'Test key creation with curl' after Step 2 and 'Verify permission denial for unauthorized roles' after Step 3.
Add a quick-start section at the top showing the minimal setup (install deps, set env var, run server) before diving into the detailed implementation steps.
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The skill is fairly long with extensive inline code that could be split into referenced files. The permission matrix is fully spelled out for all 5 roles which is verbose but arguably necessary for clarity. Some sections like the Overview and Output could be tightened. | 2 / 3 |
| Actionability | The skill provides fully executable TypeScript code across all five steps—type definitions, key management, middleware, proxy, and admin routes are all copy-paste ready with concrete implementations and real Apollo API paths. | 3 / 3 |
| Workflow Clarity | The five steps are clearly sequenced and logically ordered, but there are no explicit validation checkpoints (e.g., testing the middleware works, verifying key creation, or validating the proxy before going live). For a security-critical system like RBAC, missing verification steps is a notable gap. | 2 / 3 |
| Progressive Disclosure | All content is monolithically inlined in a single file with no bundle files to support it. Over 200 lines of TypeScript code that should be in separate referenced files (roles.ts, api-keys.ts, middleware.ts, proxy.ts, admin.ts) are all embedded directly, making the skill a wall of code. | 1 / 3 |
| Total | 8 / 12 Passed |
Validation
81%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 9 / 11 Passed | |
6e9558f