bearer-token-validator

Bearer Token Validator - Auto-activating skill for API Development. Triggers on: bearer token validator, bearer token validator Part of the API Development skill category.

0.97x

Quality

Does it follow best practices?

Impact

88%

0.97x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/15-api-development/bearer-token-validator/SKILL.md

Evaluation results

70%

API Gateway Token Security Hardening

Bearer token HTTP validation with curl

Criteria

Without context

With context

Bearer format parsing

100%

401 for missing token

401 for malformed token

WWW-Authenticate header

curl used for HTTP testing

100%

Multiple test cases

100%

No hardcoded secrets

100%

Exit code conventions

100%

Labeled test output

100%

Empty token handling

100%

Without context: $0.4571 · 2m 15s · 21 turns · 22 in / 8,061 out tokens

With context: $0.6496 · 2m 25s · 33 turns · 32 in / 8,728 out tokens

95%

-5%

JWT Token Integrity Verifier

JWT structure and claims validation

Criteria

Without context

With context

Three-part structure check

100%

Base64url decoding

100%

Header JSON validation

100%

Expiration (exp) check

100%

Issued-at or nbf handling

100%

Structured error reporting

100%

Per-check pass/fail output

100%

Sample tokens completeness

100%

Standards compliance reference

100%

No silent failures

100%

Without context: $0.7801 · 3m 5s · 24 turns · 73 in / 15,056 out tokens

With context: $0.6599 · 2m 26s · 27 turns · 25 in / 10,684 out tokens

100%

API Authentication Reference Implementation

Production-ready OpenAPI token validation

Criteria

Without context

With context

Authorization header format

100%

Step-by-step validation

100%

401 vs 403 distinction

100%

WWW-Authenticate in 401

100%

OpenAPI bearerAuth scheme

100%

OpenAPI endpoint security

100%

curl used in examples

100%

GraphQL bearer token example

100%

Security considerations

100%

No query parameter token usage

100%

Without context: $0.5444 · 3m 4s · 19 turns · 20 in / 11,098 out tokens

With context: $0.6053 · 2m 52s · 22 turns · 22 in / 11,234 out tokens

Repository: jeremylongshore/claude-code-plugins-plus-skills
Commit: 0c08951

Evaluated: 17 days ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

API Gateway Token Security Hardening JWT Token Integrity Verifier API Authentication Reference Implementation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.