CtrlK
BlogDocsLog inGet started
Tessl Logo

documenso-enterprise-rbac

Configure Documenso enterprise role-based access control and team management. Use when implementing team permissions, configuring organizational roles, or setting up enterprise access controls. Trigger with phrases like "documenso RBAC", "documenso teams", "documenso permissions", "documenso enterprise", "documenso roles".

64

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The content is highly actionable with executable code and useful reference tables, but it overloads the SKILL.md overview with detail that belongs in the existing reference, and its multi-step workflows lack validation checkpoints for destructive operations.

Suggestions

Link the existing references/implementation-guide.md from the body (e.g., a "## Implementation guide" section) and move the audit-logging and multi-tenant code blocks there to slim the overview.

Add explicit validation checkpoints to Steps 2 and 5—e.g., after applying RBAC middleware run a permission-matrix test, and after tenant setup verify cross-tenant isolation with a test asserting one tenant's key cannot read another's documents.

Fix or remove the dangling "documenso-migration-deep-dive" reference, either pointing it at a real bundle file or dropping the line.

DimensionReasoningScore

Conciseness

The body is product-specific with no generic-concept padding, but at roughly 250 lines with five sizable code blocks (audit logging, multi-tenant) it could be tightened; some of that detail would fit better in the reference file.

2 / 3

Actionability

It provides fully executable TypeScript (client init, RBAC middleware, audit wrapper, tenant service), a permission matrix, an error-cause-solution table, and concrete SSO steps with real redirect/issuer URLs.

3 / 3

Workflow Clarity

Steps 1–5 are clearly sequenced, but destructive operations (document deletion, tenant data isolation) lack integrated validation checkpoints—only the SSO step has an explicit "test with a non-admin user first" check, capping this per the rubric's destructive-operation rule.

2 / 3

Progressive Disclosure

A references/implementation-guide.md bundle exists but is never linked from the body, the body's only cross-reference ("documenso-migration-deep-dive") points to a non-existent file, and detail that could live in the reference is inline.

2 / 3

Total

9

/

12

Passed

Description

90%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description clearly answers both what the skill does and when to use it, with distinctive product-scoped trigger phrases. Its only weakness is that the capability statement is a single configure action rather than a fuller list of concrete operations.

DimensionReasoningScore

Specificity

"Configure Documenso enterprise role-based access control and team management" names the domain and a couple of actions, but uses a single verb over two noun phrases rather than a list of multiple concrete operations, so it is not comprehensive.

2 / 3

Completeness

It states what it does ("Configure Documenso enterprise role-based access control and team management") and gives an explicit "Use when..." clause covering when to invoke it.

3 / 3

Trigger Term Quality

Trigger phrases "documenso RBAC", "documenso teams", "documenso permissions", "documenso enterprise", and "documenso roles" give good coverage of natural terms a user would say.

3 / 3

Distinctiveness Conflict Risk

The product-specific "documenso" prefix on every trigger carves out a clear niche, making it unlikely to fire for unrelated skills.

3 / 3

Total

11

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

14

/

16

Passed

Repository
jeremylongshore/claude-code-plugins-plus-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.