
cookie-security-analyzer

Cookie Security Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: cookie security analyzer, cookie security analyzer. Part of the Security Fundamentals skill category.

39

1.05x

Quality

7%

Does it follow best practices?

Impact

99%

1.05x

Average score across 3 eval scenarios

Security by Snyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/cookie-security-analyzer/SKILL.md

Evaluation results

100%

8%

Legacy Cookie Security Review

Cookie vulnerability detection and audit

| Criteria | Without context | With context |
| --- | --- | --- |
| HttpOnly flag identified | 100% | 100% |
| Secure flag identified | 100% | 100% |
| SameSite attribute identified | 100% | 100% |
| Input validation issue identified | 100% | 100% |
| Debug/sensitive cookie identified | 100% | 100% |
| Authentication weakness identified | 100% | 100% |
| Severity classification present | 100% | 100% |
| OWASP reference | 0% | 100% |
| Step-by-step structure | 100% | 100% |
| Fixed code uses HttpOnly | 100% | 100% |
| Fixed code uses Secure flag | 100% | 100% |
| Fixed code adds SameSite | 100% | 100% |
| Fixed code sanitizes input | 100% | 100% |

Without context: $0.4060 · 2m 14s · 17 turns · 18 in / 7,632 out tokens

With context: $0.5976 · 2m 53s · 25 turns · 281 in / 9,870 out tokens

97%

5%

Secure Cookie Setup for a New User Portal

Production-ready secure cookie configuration

| Criteria | Without context | With context |
| --- | --- | --- |
| HttpOnly set | 100% | 100% |
| Secure flag set | 100% | 100% |
| SameSite attribute set | 100% | 100% |
| Cookie expiry configured | 100% | 100% |
| No sensitive data in cookie value | 100% | 100% |
| Logout clears cookie | 100% | 100% |
| Production-ready code | 50% | 80% |
| OWASP standard cited | 100% | 100% |
| Step-by-step attribute rationale | 100% | 100% |
| Authentication domain covered | 100% | 100% |
| Input validation on login | 62% | 87% |
| No debug artifacts | 100% | 100% |

Without context: $0.3830 · 1m 34s · 21 turns · 21 in / 5,748 out tokens

With context: $0.5134 · 2m 11s · 28 turns · 160 in / 7,279 out tokens

100%

Cookie Dependency Vulnerability Report

npm-based cookie dependency security analysis

| Criteria | Without context | With context |
| --- | --- | --- |
| npm audit used | 100% | 100% |
| npm-based approach only | 100% | 100% |
| Step-by-step methodology | 100% | 100% |
| Cookie-specific scope | 100% | 100% |
| Command purpose explained | 100% | 100% |
| Findings structured by package | 100% | 100% |
| Severity classification | 100% | 100% |
| jsonwebtoken vulnerability addressed | 100% | 100% |
| Recommended actions present | 100% | 100% |
| OWASP or standard referenced | 100% | 100% |
| Vulnerability detection domain coverage | 100% | 100% |

Without context: $0.4770 · 2m 41s · 18 turns · 60 in / 7,878 out tokens

With context: $0.7053 · 3m 34s · 28 turns · 59 in / 10,649 out tokens

Repository: jeremylongshore/claude-code-plugins-plus-skills

Evaluated

Agent: Claude Code
Model: Claude Sonnet 4.6
