certificate-lifecycle-manager
Certificate Lifecycle Manager - Auto-activating skill for Security Advanced. Triggers on: certificate lifecycle manager, certificate lifecycle manager Part of the Security Advanced skill category.
36
Quality
3%
Does it follow best practices?
Impact
97%
1.01xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/certificate-lifecycle-manager/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is severely lacking in all key areas. It provides no information about what the skill actually does (e.g., renew certificates, monitor expiration, generate CSRs), contains no natural trigger terms users would say, and offers no guidance on when Claude should select this skill. It reads like auto-generated boilerplate rather than a useful skill description.
Suggestions
Add specific concrete actions the skill performs, e.g., 'Monitors certificate expiration dates, generates CSRs, renews SSL/TLS certificates, tracks certificate inventory'
Include a 'Use when...' clause with natural trigger terms like 'SSL certificate', 'TLS', 'cert expiring', 'certificate renewal', 'HTTPS certificate', 'PKI'
Remove the redundant duplicate trigger term and replace with varied, user-natural phrases that would indicate certificate management needs
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. It only names the tool ('Certificate Lifecycle Manager') and mentions it's part of 'Security Advanced' but provides zero information about what it actually does. | 1 / 3 |
Completeness | The description fails to answer 'what does this do' entirely and provides no explicit 'when to use' guidance beyond the redundant trigger phrase. Both the what and when are missing or extremely weak. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'certificate lifecycle manager' repeated twice. This is technical jargon that users are unlikely to naturally say, and there are no variations like 'SSL', 'TLS', 'cert renewal', 'expiring certificates', etc. | 1 / 3 |
Distinctiveness Conflict Risk | While 'Certificate Lifecycle Manager' is a specific enough name to avoid conflicts with most skills, the lack of detail about what it does means it could potentially overlap with other security or certificate-related skills without clear differentiation. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is an empty template that provides no actual guidance on certificate lifecycle management. It contains only generic placeholder text that could apply to any skill topic, with no concrete information about certificates, PKI, renewal processes, or security procedures. The content fails every dimension of the rubric.
Suggestions
Add concrete, executable examples for common certificate operations (e.g., generating CSRs, checking expiration dates, automating renewals with specific tools like certbot or openssl)
Define a clear workflow for certificate lifecycle stages: generation → deployment → monitoring → renewal → revocation, with validation checkpoints at each stage
Include specific commands and code snippets for certificate management tasks (openssl commands, ACME protocol usage, certificate store management)
Structure content with progressive disclosure: quick reference for common tasks in SKILL.md, with links to detailed guides for PKI setup, compliance requirements, and automation scripts
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic boilerplate that provides no actual information about certificate lifecycle management. Phrases like 'provides automated assistance' and 'follows industry best practices' are meaningless filler that waste tokens. | 1 / 3 |
Actionability | There is zero concrete guidance - no code, no commands, no specific steps, no actual certificate management procedures. The content only describes what the skill claims to do without providing any executable instructions. | 1 / 3 |
Workflow Clarity | No workflow is defined whatsoever. Certificate lifecycle management involves complex multi-step processes (generation, renewal, revocation, monitoring) but none are documented. No validation checkpoints or procedures are mentioned. | 1 / 3 |
Progressive Disclosure | The content is a flat, uninformative template with no structure for actual learning. There are no references to detailed documentation, no links to specific procedures, and no organization of certificate management topics. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
994edc4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.