auditing-wallet-security

Audit wallet security by analyzing token approvals, permissions, and transaction patterns. Use when checking wallet security, reviewing approvals, or assessing risk exposure. Trigger with phrases like "audit wallet", "check approvals", "security scan", or "revoke tokens".

Quality

82%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Advisory

Suggest reviewing before use

Quality

Content

64%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a solid, actionable skill with clear CLI commands and good structure. Its main weaknesses are moderate verbosity (the output mockup, risk level tables, and recommendations could be trimmed or moved to reference files) and the lack of explicit validation/decision checkpoints in the workflow for handling different security findings. The progressive disclosure is partially implemented but the main file carries too much detail inline.

Suggestions

Add a decision-tree or feedback loop after the security scan step (e.g., 'If score < 50, immediately run revoke-list and address CRITICAL items before proceeding').

Move the ASCII output example, risk factors list, and recommendations section to a reference file to reduce the main SKILL.md length.

Trim the Overview paragraph—Claude doesn't need to be told what a security analysis tool is; jump straight to prerequisites and instructions.

Dimension	Reasoning	Score
Conciseness	The content is mostly efficient but includes some unnecessary sections like the ASCII art output example, verbose risk level breakdowns, and the recommendations section which are somewhat padded. The overview paragraph explaining what a security analysis tool does is slightly redundant given the description. However, most content is functional and relevant.	2 / 3
Actionability	Every command is concrete, copy-paste ready with specific CLI syntax, flags, and real example addresses. The numbered list format for options and the clear command patterns make it immediately executable.	3 / 3
Workflow Clarity	The steps are clearly listed and sequenced (approvals → scan → score → history → revoke-list → report), but there are no explicit validation checkpoints or feedback loops. For a security auditing tool, there should be guidance on what to do when the score is low or when critical risks are found—a decision tree or verification step after scanning.	2 / 3
Progressive Disclosure	References to external files like errors.md and examples.md are present and well-signaled, but the main SKILL.md is quite long with inline content (output examples, risk factors, recommendations) that could be offloaded to reference files. The output section and resources section add bulk that could be separate. Since no bundle files were provided, we can't verify the referenced paths exist.	2 / 3
	Total	9 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a well-crafted skill description that clearly defines its domain (wallet security auditing), lists specific capabilities (token approvals, permissions, transaction patterns), and provides explicit trigger guidance with natural user phrases. It follows best practices by using third person voice, including a 'Use when' clause, and providing concrete trigger terms that distinguish it from other skills.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: 'analyzing token approvals, permissions, and transaction patterns'. Also mentions specific outcomes like 'checking wallet security, reviewing approvals, assessing risk exposure'.	3 / 3
Completeness	Clearly answers both 'what' (audit wallet security by analyzing token approvals, permissions, and transaction patterns) and 'when' (explicit 'Use when...' clause plus a 'Trigger with phrases like...' clause providing concrete trigger terms).	3 / 3
Trigger Term Quality	Excellent coverage of natural trigger terms users would say: 'audit wallet', 'check approvals', 'security scan', 'revoke tokens', 'wallet security', 'risk exposure'. These are terms a crypto user would naturally use.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive niche combining wallet security, token approvals, and transaction pattern analysis. Unlikely to conflict with general security or general crypto skills due to the specific focus on approval auditing and revocation.	3 / 3
	Total	12 / 12 Passed

Validation

81%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 9 / 11 Passed

Validation for skill structure

Criteria	Description	Result
allowed_tools_field	'allowed-tools' contains unusual tool name(s)	Warning
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	9 / 11 Passed

Repository: jeremylongshore/claude-code-plugins-plus-skills
Commit: 83ac5c7

Reviewed: 3 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.