firecrawl-enterprise-rbac
Configure Firecrawl team access control with per-key credit limits and domain restrictions. Use when managing multiple API keys per team, implementing credit budgets per consumer, or controlling which domains each team can scrape. Trigger with phrases like "firecrawl RBAC", "firecrawl teams", "firecrawl enterprise", "firecrawl access control", "firecrawl permissions".
89
88%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that clearly defines its scope around Firecrawl team access control, provides specific capabilities (per-key credit limits, domain restrictions, multiple API keys), and includes both explicit 'Use when' triggers and a dedicated trigger phrase list. It uses proper third-person voice throughout and is concise without being vague.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'Configure team access control', 'per-key credit limits', 'domain restrictions', 'managing multiple API keys per team', 'implementing credit budgets per consumer', 'controlling which domains each team can scrape'. | 3 / 3 |
Completeness | Clearly answers 'what' (configure team access control with per-key credit limits and domain restrictions) and 'when' (explicit 'Use when...' clause covering managing API keys, credit budgets, domain control, plus a 'Trigger with phrases' section). | 3 / 3 |
Trigger Term Quality | Includes a dedicated trigger phrase list with natural terms like 'firecrawl RBAC', 'firecrawl teams', 'firecrawl enterprise', 'firecrawl access control', 'firecrawl permissions'. Also includes contextual terms like 'credit limits', 'domain restrictions', and 'API keys per team' that users would naturally mention. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche: Firecrawl-specific team access control, RBAC, and credit management. The combination of 'Firecrawl' + 'access control' + 'credit limits' + 'domain restrictions' is very unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, actionable skill with well-sequenced steps and concrete, executable TypeScript code for implementing team-based access control. The workflow includes proper validation checkpoints (domain checks, budget checks, key verification during rotation). The main weakness is that the inline code is quite lengthy and could be split into referenced files for better progressive disclosure, and some introductory content is slightly verbose.
Suggestions
Consider extracting the gateway proxy (Step 2) and budget enforcement (Step 3) code into a referenced file like `firecrawl-rbac-gateway.ts`, keeping only the TEAM_POLICIES config and a brief description inline.
Remove the 'Understanding of credit-per-page billing' prerequisite and the overview sentence explaining credit-based pricing — Claude doesn't need this context to implement the solution.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is mostly efficient but includes some unnecessary elements like 'Understanding of credit-per-page billing' as a prerequisite and the overview paragraph restating what credits are. The bash comments in Step 1 are somewhat verbose for what amounts to 'create keys in the dashboard.' However, the code examples themselves are lean and purposeful. | 2 / 3 |
Actionability | Provides fully executable TypeScript code with concrete type definitions, domain matching logic, budget enforcement, and complete scrape/crawl functions. The key rotation step includes a real curl command for verification. The error handling table maps specific HTTP codes to solutions. | 3 / 3 |
Workflow Clarity | The 5-step sequence is logically ordered from key creation → gateway proxy → budget enforcement → policy-enforced scraping → key rotation. Step 5 includes explicit validation (curl check before removing old key) and a 48-hour overlap window. The budget checks in Step 4 serve as validation gates before any scraping occurs. | 3 / 3 |
Progressive Disclosure | The content is well-structured with clear sections, but it's quite long (~150 lines of code) and could benefit from splitting the gateway proxy and budget enforcement code into separate reference files. The 'Next Steps' reference to firecrawl-migration-deep-dive is good, but the main content is monolithic. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
c8a915c
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.