
auditing-wallet-security

Audit wallet security by analyzing token approvals, permissions, and transaction patterns. Use when checking wallet security, reviewing approvals, or assessing risk exposure. Trigger with phrases like "audit wallet", "check approvals", "security scan", or "revoke tokens".

67

Quality: 82%. Does it follow best practices?

Impact: No eval scenarios have been run

Security by Snyk: Advisory. Suggest reviewing before use


Quality

Content: 64%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a solid, actionable skill with clear CLI commands and good structure. Its main weaknesses are moderate verbosity (the output mockup, risk level tables, and recommendations could be trimmed or moved to reference files) and the lack of explicit validation/decision checkpoints in the workflow for handling different security findings. The progressive disclosure is partially implemented but the main file carries too much detail inline.

Suggestions

Add a decision-tree or feedback loop after the security scan step (e.g., 'If score < 50, immediately run revoke-list and address CRITICAL items before proceeding').

Move the ASCII output example, risk factors list, and recommendations section to a reference file to reduce the main SKILL.md length.

Trim the Overview paragraph—Claude doesn't need to be told what a security analysis tool is; jump straight to prerequisites and instructions.

| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The content is mostly efficient but includes some unnecessary sections like the ASCII art output example, verbose risk level breakdowns, and the recommendations section which are somewhat padded. The overview paragraph explaining what a security analysis tool does is slightly redundant given the description. However, most content is functional and relevant. | 2 / 3 |
| Actionability | Every command is concrete, copy-paste ready with specific CLI syntax, flags, and real example addresses. The numbered list format for options and the clear command patterns make it immediately executable. | 3 / 3 |
| Workflow Clarity | The steps are clearly listed and sequenced (approvals → scan → score → history → revoke-list → report), but there are no explicit validation checkpoints or feedback loops. For a security auditing tool, there should be guidance on what to do when the score is low or when critical risks are found—a decision tree or verification step after scanning. | 2 / 3 |
| Progressive Disclosure | References to external files like errors.md and examples.md are present and well-signaled, but the main SKILL.md is quite long with inline content (output examples, risk factors, recommendations) that could be offloaded to reference files. The output section and resources section add bulk that could be separate. Since no bundle files were provided, we can't verify the referenced paths exist. | 2 / 3 |

Total: 9 / 12 (Passed)

Description: 100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a well-crafted skill description that clearly defines its domain (wallet security auditing), lists specific capabilities (token approvals, permissions, transaction patterns), and provides explicit trigger guidance with natural user phrases. It follows best practices by using third person voice, including a 'Use when' clause, and providing concrete trigger terms that distinguish it from other skills.

| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Lists multiple specific concrete actions: 'analyzing token approvals, permissions, and transaction patterns'. Also mentions specific outcomes like 'checking wallet security, reviewing approvals, assessing risk exposure'. | 3 / 3 |
| Completeness | Clearly answers both 'what' (audit wallet security by analyzing token approvals, permissions, and transaction patterns) and 'when' (explicit 'Use when...' clause plus a 'Trigger with phrases like...' clause providing concrete trigger terms). | 3 / 3 |
| Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'audit wallet', 'check approvals', 'security scan', 'revoke tokens', 'wallet security', 'risk exposure'. These are terms a crypto user would naturally use. | 3 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive niche combining wallet security, token approvals, and transaction pattern analysis. Unlikely to conflict with general security or general crypto skills due to the specific focus on approval auditing and revocation. | 3 / 3 |

Total: 12 / 12 (Passed)

Validation: 81%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation: 9 / 11 Passed

Validation for skill structure

| Criteria | Description | Result |
|---|---|---|
| allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |

Total: 9 / 11 (Passed)

Repository: jeremylongshore/claude-code-plugins-plus-skills (Reviewed)
