apollo-security-basics

Apply Apollo.io API security best practices. Use when securing Apollo integrations, managing API keys, or implementing secure data handling. Trigger with phrases like "apollo security", "secure apollo api", "apollo api key security", "apollo data protection".

Install with Tessl CLI

npx tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill apollo-security-basics

What are skills?

1.56x

Quality

83%

Does it follow best practices?

Impact

100%

1.56x

Average score across 3 eval scenarios

SKILL.md

Review

Evals

Discovery

89%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a well-structured skill description with strong completeness and excellent trigger term coverage. The main weakness is that the capabilities described are somewhat generic security concepts rather than specific concrete actions. The description correctly uses third person voice and provides clear guidance on when to use the skill.

Suggestions

Add more specific concrete actions like 'rotate API keys', 'implement OAuth flows', 'configure rate limiting', or 'audit API access logs' to improve specificity.

Dimension	Reasoning	Score
Specificity	Names the domain (Apollo.io API security) and mentions some actions ('securing Apollo integrations, managing API keys, implementing secure data handling'), but these are somewhat generic security concepts rather than multiple specific concrete actions like 'rotate keys', 'encrypt tokens', or 'audit access logs'.	2 / 3
Completeness	Clearly answers both what ('Apply Apollo.io API security best practices') and when ('Use when securing Apollo integrations, managing API keys, or implementing secure data handling') with explicit trigger guidance including specific phrases.	3 / 3
Trigger Term Quality	Explicitly lists natural trigger phrases users would say: 'apollo security', 'secure apollo api', 'apollo api key security', 'apollo data protection'. These are realistic terms a user would naturally use when needing this skill.	3 / 3
Distinctiveness Conflict Risk	Highly specific to Apollo.io API security with distinct triggers mentioning 'apollo' explicitly. Unlikely to conflict with generic security skills or other API integration skills due to the Apollo-specific terminology throughout.	3 / 3
	Total	11 / 12 Passed

Implementation

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a strong security skill with excellent actionable code examples and clear checklists. The main weakness is length - full class implementations could be extracted to referenced files to improve token efficiency. The security patterns are practical and the error handling guidance is well-structured.

Suggestions

Extract full class implementations (ApiKeyManager, SecureCache, PII handler) to separate reference files, keeping only key patterns and usage examples in the main skill

Consider consolidating the three checklists into a single comprehensive checklist or moving detailed checklists to a separate CHECKLIST.md file

Dimension	Reasoning	Score
Conciseness	The skill is comprehensive but includes some verbose sections. The code examples are thorough but could be tightened - for instance, the full SecureCache class implementation and KeyRotation class could be summarized with key patterns rather than complete implementations.	2 / 3
Actionability	Excellent executable code examples throughout - TypeScript implementations are copy-paste ready, bash commands are specific, and patterns are immediately usable. The BAD/GOOD/BETTER progression for API key handling is particularly effective.	3 / 3
Workflow Clarity	Clear checklists with explicit validation steps for pre-deployment, production, and compliance phases. The key rotation workflow includes validation (testKey) before proceeding. Error handling table provides clear mitigation steps for security incidents.	3 / 3
Progressive Disclosure	Content is well-organized with clear sections, but the skill is quite long (~300 lines) with full implementations inline. Some code (like the complete SecureCache or ApiKeyManager classes) could be referenced from separate files. The 'Next Steps' reference to apollo-prod-checklist is good.	2 / 3
	Total	10 / 12 Passed

Validation

81%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 9 / 11 Passed

Validation for skill structure

Criteria	Description	Result
allowed_tools_field	'allowed-tools' contains unusual tool name(s)	Warning
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	9 / 11 Passed

Reviewed: 2 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.