CtrlK
BlogDocsLog inGet started
Tessl Logo

cloud-security-posture

Cloud Security Posture - Auto-activating skill for Security Advanced. Triggers on: cloud security posture, cloud security posture Part of the Security Advanced skill category.

36

1.00x

Quality

3%

Does it follow best practices?

Impact

97%

1.00x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/cloud-security-posture/SKILL.md
SKILL.md
Quality
Evals
Security

Evaluation results

100%

SOC2 Readiness Review for SaaS Startup

SOC2 compliance assessment

Criteria
Without context
With context

SOC2 criteria mapping

100%

100%

AWS service mapping

100%

100%

Gap identification

100%

100%

Concrete remediation steps

100%

100%

Prioritized action list

100%

100%

Step-by-step structure

100%

100%

Industry standard references

100%

100%

Script uses boto3

100%

100%

Script checks public access

100%

100%

Script is runnable

100%

100%

Production-ready script

100%

100%

Without context: $0.4735 · 2m 29s · 19 turns · 61 in / 8,730 out tokens

With context: $0.6190 · 2m 56s · 26 turns · 26 in / 11,062 out tokens

92%

-1%

Threat Model for Healthcare Data Platform on GCP

Cloud threat modeling

Criteria
Without context
With context

Threat methodology

41%

33%

Trust boundary analysis

100%

100%

All components covered

100%

100%

Structured threat entries

100%

100%

Impact and likelihood

100%

100%

GCP-specific mitigations

100%

100%

Compliance alignment

100%

100%

Step-by-step structure

100%

100%

JSON has 8+ threats

100%

100%

JSON schema correct

100%

100%

Industry standard references

100%

100%

Without context: $0.4784 · 2m 58s · 18 turns · 19 in / 9,548 out tokens

With context: $0.5178 · 2m 55s · 22 turns · 89 in / 9,320 out tokens

100%

Azure Cloud Penetration Test Planning

Cloud penetration testing methodology

Criteria
Without context
With context

Pentest methodology

100%

100%

Phased approach

100%

100%

Scope definition

100%

100%

Component coverage

100%

100%

Specific test techniques

100%

100%

Rules of engagement

100%

100%

Azure-specific techniques

100%

100%

Industry standard reference

100%

100%

JSON has 3+ components

100%

100%

JSON schema valid

100%

100%

Documentation requirements

100%

100%

Without context: $0.4736 · 3m 44s · 12 turns · 13 in / 11,852 out tokens

With context: $0.8738 · 6m 1s · 27 turns · 287 in / 17,803 out tokens

Repository
jeremylongshore/claude-code-plugins-plus-skills
Commit

994edc4

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

SOC2 Readiness Review for SaaS StartupThreat Model for Healthcare Data Platform on GCPAzure Cloud Penetration Test Planning

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill