CtrlK
BlogDocsLog inGet started
Tessl Logo

deepgram-security-basics

Apply Deepgram security best practices for API key management and data protection. Use when securing Deepgram integrations, implementing key rotation, or auditing security configurations. Trigger: "deepgram security", "deepgram API key security", "secure deepgram", "deepgram key rotation", "deepgram data protection", "deepgram PII redaction".

71

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is highly actionable with executable code and validation where it matters, but it is long and keeps everything inline while an existing bundle file goes unreferenced, weakening progressive disclosure.

Suggestions

Link references/implementation.md from the body (e.g., in a '## Advanced' or '## Resources' section) so the existing AWS/GCP secret-manager, encryption, and rotation material is discoverable.

Move the detailed key-rotation and secret-manager code out of SKILL.md into the bundle to reduce duplication and shrink the inline body.

Tighten inline comments and merge overlapping Step 4 rotation guidance with the bundled rotation script to avoid restating the same flow twice.

DimensionReasoningScore

Conciseness

The ~240-line body is code-heavy and avoids explaining known concepts, but it is lengthy and partially duplicates material that also appears in references/implementation.md (e.g., key rotation), so it could be tightened.

2 / 3

Actionability

Each step ships fully executable TypeScript using the real Deepgram SDK with concrete scopes, parameters, and an error-handling table — copy-paste ready.

3 / 3

Workflow Clarity

Steps are clearly sequenced and the destructive key-rotation step includes an explicit validation checkpoint with abort-on-failure, plus SSRF validation before transcription.

3 / 3

Progressive Disclosure

Sections and a checklist provide some structure, but the bundle file references/implementation.md is never linked or signaled from the body, and the inline content is monolithic rather than split across files.

2 / 3

Total

10

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A strong description that clearly states capabilities, usage conditions, and natural trigger terms in third person. It hits all four anchors at the top level with no padding.

DimensionReasoningScore

Specificity

The description names multiple concrete actions — 'API key management and data protection', 'securing Deepgram integrations, implementing key rotation, or auditing security configurations' — rather than vague language.

3 / 3

Completeness

It explicitly answers what ('Apply Deepgram security best practices for API key management and data protection') and when ('Use when securing Deepgram integrations, implementing key rotation, or auditing security configurations') with explicit triggers.

3 / 3

Trigger Term Quality

It lists natural trigger phrases a user would say — 'deepgram security', 'deepgram API key security', 'deepgram key rotation', 'deepgram PII redaction' — with good coverage of variations.

3 / 3

Distinctiveness Conflict Risk

The Deepgram-specific security niche and distinct trigger terms make it unlikely to fire for unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

14

/

16

Passed

Repository
jeremylongshore/claude-code-plugins-plus-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.