https-certificate-checker
Https Certificate Checker - Auto-activating skill for Security Fundamentals. Triggers on: https certificate checker, https certificate checker Part of the Security Fundamentals skill category.
28
3%
Does it follow best practices?
Impact
57%
1.07xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/https-certificate-checker/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is extremely weak—it is essentially just a title repeated with boilerplate auto-generated text. It provides no concrete actions, no natural trigger terms beyond the skill name, and no guidance on when Claude should select this skill. It reads like a template placeholder rather than a functional skill description.
Suggestions
Add concrete actions the skill performs, e.g., 'Checks HTTPS/SSL/TLS certificate validity, expiration dates, certificate chain, and cipher strength for a given domain.'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user asks about SSL certificates, HTTPS security, certificate expiry, TLS configuration, or wants to verify a website's certificate.'
Include common keyword variations users might say: 'SSL', 'TLS', 'certificate expiration', 'cert check', 'HTTPS validation', '.pem', 'certificate chain'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description does not describe any concrete actions. It only names itself ('Https Certificate Checker') and states it's part of 'Security Fundamentals' without explaining what it actually does—no mention of checking, validating, inspecting certificates, or any specific capabilities. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no explanation of functionality and no explicit 'Use when...' clause or equivalent trigger guidance. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'https certificate checker' repeated twice. There are no natural variations users might say such as 'SSL certificate', 'TLS', 'certificate expiry', 'check certificate', 'cert validation', or 'HTTPS security'. | 1 / 3 |
Distinctiveness Conflict Risk | The name 'Https Certificate Checker' is somewhat specific to a niche domain (HTTPS/SSL certificates), which provides some distinctiveness. However, the lack of concrete detail about what it does versus other security-related skills means overlap is possible. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is an empty template/placeholder with no actual content about HTTPS certificate checking. It contains only generic boilerplate text that repeats the skill name without providing any actionable guidance, code examples, or concrete instructions. It would be entirely useless to Claude in performing any certificate-related task.
Suggestions
Add concrete, executable code examples for checking HTTPS certificates (e.g., `openssl s_client -connect example.com:443`, Python ssl/socket snippets, or curl commands with certificate inspection flags).
Define a clear workflow: 1) Connect to host, 2) Retrieve certificate, 3) Check expiration/validity, 4) Verify chain of trust, 5) Report findings — with specific commands at each step.
Remove all boilerplate sections (Purpose, When to Use, Example Triggers) that just repeat the skill name and replace with actual security-relevant content such as common certificate issues, validation criteria, and error handling.
Add specific examples of expected output (e.g., what a valid vs expired certificate report looks like) so Claude knows what to produce.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is entirely filler and boilerplate. It explains nothing Claude doesn't already know, repeats the trigger phrase 'https certificate checker' excessively, and provides zero substantive information about actually checking HTTPS certificates. | 1 / 3 |
Actionability | There is no concrete code, no commands, no executable guidance whatsoever. The skill describes what it supposedly does ('provides step-by-step guidance') without actually providing any guidance. No certificate checking commands, no openssl examples, no code snippets. | 1 / 3 |
Workflow Clarity | There is no workflow, no steps, no sequence, and no validation checkpoints. The skill claims to provide 'step-by-step guidance' but contains none. A certificate checking task involves concrete steps (connecting, inspecting, validating) that are entirely absent. | 1 / 3 |
Progressive Disclosure | The content is a monolithic block of placeholder text with no meaningful structure. There are no references to supporting files, no layered content organization, and the sections that exist (Purpose, When to Use, Capabilities, etc.) contain only generic boilerplate rather than useful information. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
13d35b8
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.