bearer-token-validator
Bearer Token Validator - Auto-activating skill for API Development. Triggers on: bearer token validator, bearer token validator Part of the API Development skill category.
34
Quality
3%
Does it follow best practices?
Impact
88%
0.97xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/15-api-development/bearer-token-validator/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a placeholder that provides almost no useful information for skill selection. It relies entirely on the skill name without explaining capabilities, use cases, or providing meaningful trigger terms. The repeated trigger term and boilerplate category mention suggest auto-generated content that needs substantial human refinement.
Suggestions
Add specific actions the skill performs, e.g., 'Validates bearer token format, checks expiration, verifies JWT signatures, decodes token payloads'
Include a 'Use when...' clause with natural trigger scenarios like 'Use when debugging API authentication, checking token validity, or troubleshooting 401 errors'
Expand trigger terms to include variations users would naturally say: 'JWT', 'auth token', 'OAuth token', 'token expired', 'authentication header', '401 unauthorized'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description only names the skill ('Bearer Token Validator') without describing any concrete actions. There are no verbs or specific capabilities listed - it doesn't explain what validating a bearer token actually involves or what operations the skill performs. | 1 / 3 |
Completeness | The description fails to answer 'what does this do' beyond the name itself, and provides no 'when should Claude use it' guidance. The 'Triggers on' section just repeats the skill name rather than providing meaningful trigger scenarios. | 1 / 3 |
Trigger Term Quality | The trigger terms are just 'bearer token validator' repeated twice, which is redundant and overly narrow. Missing natural variations users might say like 'validate token', 'check auth token', 'JWT validation', 'authentication', 'API auth', or 'token verification'. | 1 / 3 |
Distinctiveness Conflict Risk | While 'bearer token' is somewhat specific to authentication contexts, the lack of detail about what validation entails could cause overlap with other authentication or API security skills. The mention of 'API Development' category provides some context but is still fairly broad. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill content is essentially a template placeholder with no actual technical value. It contains zero information about bearer token validation - no code examples, no authentication patterns, no JWT handling, no security considerations. The entire content describes what the skill claims to do without actually doing any of it.
Suggestions
Add concrete code examples showing bearer token validation (e.g., JWT verification, token extraction from Authorization header, expiration checking)
Include specific validation steps: extract token, decode payload, verify signature, check expiration, validate claims
Provide error handling patterns for common failure cases (expired token, invalid signature, missing token)
Add security best practices specific to bearer tokens (HTTPS requirement, token storage, refresh token patterns)
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is entirely filler with no actual technical substance. It explains what the skill does in abstract terms without providing any concrete implementation details, wasting tokens on meta-descriptions Claude doesn't need. | 1 / 3 |
Actionability | No executable code, no concrete commands, no actual bearer token validation logic. The content only describes what it could do rather than providing any actionable guidance on how to validate bearer tokens. | 1 / 3 |
Workflow Clarity | No workflow is defined. Claims to provide 'step-by-step guidance' but contains zero actual steps. No validation checkpoints, no sequence of operations, nothing Claude could follow. | 1 / 3 |
Progressive Disclosure | The content is a monolithic block of placeholder text with no structure pointing to detailed materials. No references to implementation files, no organized sections with actual content. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
0c08951
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.