clerk-enterprise-rbac
Configure enterprise SSO, role-based access control, and organization management. Use when implementing SSO integration, configuring role-based permissions, or setting up organization-level controls. Trigger with phrases like "clerk SSO", "clerk RBAC", "clerk enterprise", "clerk roles", "clerk permissions", "clerk organizations".
84
82%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted skill description that hits all the key criteria. It provides specific capabilities, explicit 'Use when' guidance, and platform-specific trigger terms ('clerk SSO', 'clerk RBAC') that make it highly distinguishable. The description is concise, uses third-person voice, and follows best practices closely.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'Configure enterprise SSO', 'role-based access control', and 'organization management'. These are distinct, well-defined capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (configure enterprise SSO, RBAC, org management) and 'when' (explicit 'Use when' clause with specific scenarios plus a 'Trigger with phrases' section listing exact keywords). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms including 'clerk SSO', 'clerk RBAC', 'clerk enterprise', 'clerk roles', 'clerk permissions', 'clerk organizations'. These are terms users would naturally use when needing this skill. | 3 / 3 |
Distinctiveness Conflict Risk | The 'clerk' prefix on all trigger terms creates a very clear niche tied to the Clerk platform. Combined with specific domains (SSO, RBAC, organizations), this is highly unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a solid, highly actionable skill with executable code examples covering the full spectrum of Clerk enterprise RBAC features. Its main weaknesses are the monolithic structure (all content inline with no bundle files for progressive disclosure) and the lack of explicit validation/verification checkpoints between steps, which is important for enterprise SSO and RBAC configuration. The error handling table partially compensates but doesn't replace in-workflow validation.
Suggestions
Add explicit validation checkpoints between steps, e.g., 'Verify organization creation works by visiting /org-selector before proceeding to Step 2' and 'Test middleware protection by accessing /admin as a non-admin user before configuring SSO'.
Split the longer code sections (Steps 6-7 for Backend API management) into separate bundle files like `org-member-api.md` and `programmatic-roles.md`, keeping only brief summaries with references in the main SKILL.md.
Remove or condense the default roles table and prerequisite details that Claude can infer, focusing the main body on the custom configuration patterns that are truly novel.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly long with extensive code examples that are mostly necessary, but includes some unnecessary explanation (e.g., the Prerequisites section explaining what plans are needed, the table of default roles that Claude would know). The tables for custom permissions/roles are helpful but could be more compact. Overall mostly efficient but could be tightened. | 2 / 3 |
Actionability | Every step includes fully executable TypeScript code with proper imports, file paths, and realistic patterns. The code is copy-paste ready for Next.js App Router with @clerk/nextjs, covering middleware, server components, client components, and API routes. The SAML configuration steps are concrete with specific URLs and attribute mappings. | 3 / 3 |
Workflow Clarity | The 8 steps provide a clear sequence from enabling organizations through SSO configuration, and the error handling table is a good addition. However, there are no explicit validation checkpoints — no 'verify this works before proceeding' steps between stages. For enterprise configuration involving SSO and role management (potentially destructive/breaking operations), missing verification steps cap this at 2. | 2 / 3 |
Progressive Disclosure | The content is well-structured with clear headings and a logical progression, and it links to external Clerk docs. However, at ~200+ lines of inline code, some sections (like the Backend API member management or programmatic role management) could be split into separate reference files. The skill is monolithic with no bundle files to offload detail into. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
3a2d27d
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.