auditing-wallet-security
Audit wallet security by analyzing token approvals, permissions, and transaction patterns. Use when checking wallet security, reviewing approvals, or assessing risk exposure. Trigger with phrases like "audit wallet", "check approvals", "security scan", or "revoke tokens".
84
82%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted skill description that clearly communicates its purpose, provides explicit trigger guidance, and uses domain-specific terminology that distinguishes it from other skills. It follows best practices by using third person voice, including a 'Use when' clause, and listing natural trigger phrases. The description is concise yet comprehensive.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'analyzing token approvals, permissions, and transaction patterns'. Also mentions specific outcomes like 'checking wallet security, reviewing approvals, assessing risk exposure'. | 3 / 3 |
Completeness | Clearly answers both 'what' (audit wallet security by analyzing token approvals, permissions, and transaction patterns) and 'when' (explicit 'Use when...' clause plus a 'Trigger with phrases like...' clause providing concrete trigger guidance). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'audit wallet', 'check approvals', 'security scan', 'revoke tokens'. These are realistic phrases a user would naturally use when needing this skill. | 3 / 3 |
Distinctiveness Conflict Risk | Occupies a clear niche around wallet security auditing, token approvals, and revocation. The domain-specific terminology (token approvals, wallet, revoke tokens) makes it highly unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured skill with excellent actionability—every command is concrete and executable with real examples. However, it's somewhat verbose with decorative output examples and inline content that could be offloaded to reference files. The workflow lacks explicit validation checkpoints and feedback loops, which is notable for a security-focused tool where acting on results matters.
Suggestions
Add a validation/decision workflow after the security scan: e.g., 'If score < 50, immediately run revoke-list; if CRITICAL findings, flag specific approvals before proceeding.'
Move the ASCII output example and detailed score component breakdowns to a reference file to reduce the main skill's token footprint.
Remove the Resources section or trim it significantly—Claude already knows about revoke.cash, Etherscan, and ERC20 approval events.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is mostly efficient but includes some unnecessary sections like the ASCII art output example, verbose numbered lists for score components and risk levels, and the Resources section with information Claude likely already knows. The output section is decorative rather than instructional. | 2 / 3 |
Actionability | Every command is fully executable with concrete CLI syntax, real example addresses, specific flags, and clear options. The commands are copy-paste ready and cover all major use cases with specific chain options and output formats. | 3 / 3 |
Workflow Clarity | Steps are clearly listed and sequenced (approvals → scan → score → history → revoke-list → report), but there are no validation checkpoints or feedback loops. For a security auditing tool, there should be explicit guidance on what to do when a scan reveals critical issues, and verification steps after generating revoke lists. | 2 / 3 |
Progressive Disclosure | References to external files exist (errors.md, examples.md) which is good, but the SKILL.md itself is quite long with inline content that could be offloaded (the full output example, the detailed score components breakdown, the resources section). The error handling table and examples are partially duplicated between inline content and referenced files. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
3a2d27d
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.