https-certificate-checker
Https Certificate Checker - Auto-activating skill for Security Fundamentals. Triggers on: https certificate checker, https certificate checker Part of the Security Fundamentals skill category.
28
3%
Does it follow best practices?
Impact
57%
1.07xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/https-certificate-checker/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a placeholder that repeats the skill name and category without describing any concrete capabilities or providing meaningful trigger guidance. It lacks specific actions, natural user keywords, and an explicit 'Use when...' clause, making it very difficult for Claude to correctly select this skill from a pool of options.
Suggestions
Add concrete actions the skill performs, e.g., 'Checks HTTPS/SSL/TLS certificate validity, expiration dates, certificate chain integrity, and cipher suite strength for a given domain.'
Include a 'Use when...' clause with natural trigger terms, e.g., 'Use when the user asks about SSL certificates, TLS security, certificate expiration, HTTPS validation, or wants to verify a website's certificate.'
Remove the duplicate trigger term and expand with common variations users would naturally say, such as 'SSL check', 'cert expiry', 'TLS certificate', 'website security check', and 'certificate chain'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description does not list any concrete actions. It only names itself ('Https Certificate Checker') and mentions a category ('Security Fundamentals') without describing what it actually does—e.g., checking certificate validity, expiration dates, chain verification, etc. | 1 / 3 |
Completeness | The description fails to answer 'what does this do' beyond the name, and the 'when' clause is limited to a redundant trigger phrase with no explicit 'Use when...' guidance. Both dimensions are very weak. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'https certificate checker' repeated twice. It misses natural variations users would say such as 'SSL certificate', 'TLS', 'cert expiry', 'certificate validation', 'check certificate', or 'HTTPS security'. | 1 / 3 |
Distinctiveness Conflict Risk | The name 'Https Certificate Checker' is somewhat specific to a niche (certificate checking), which reduces conflict risk compared to fully generic descriptions. However, the lack of detail about what it does versus other security-related skills still leaves some overlap potential. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is an empty template/placeholder with no actual instructional content. It repeatedly references 'https certificate checker' without ever explaining what it means, how to do it, or providing any code, commands, or concrete guidance. The entire body consists of generic boilerplate that could apply to any skill topic.
Suggestions
Add executable code examples showing how to check HTTPS certificates (e.g., using Python's ssl module, openssl CLI commands, or curl with certificate verification flags)
Include a concrete workflow: connect to host → retrieve certificate → check expiration/validity → verify chain of trust → report findings, with specific commands at each step
Remove all boilerplate sections (Purpose, When to Use, Capabilities, Example Triggers) and replace with actionable content like certificate field inspection, common error handling, and pinning verification
Add specific examples of certificate issues to check for (expired certs, self-signed, weak algorithms, hostname mismatch) with corresponding detection code
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is entirely filler and boilerplate. It explains nothing Claude doesn't already know, repeats 'https certificate checker' excessively, and provides zero actual technical content about checking HTTPS certificates. | 1 / 3 |
Actionability | There are no concrete commands, code examples, or executable guidance whatsoever. The skill describes what it could do ('provides step-by-step guidance') without actually providing any guidance, code, or specific instructions. | 1 / 3 |
Workflow Clarity | No workflow, steps, or process is defined. The content only contains vague claims like 'provides step-by-step guidance' and 'validates outputs against common standards' without any actual steps or validation procedures. | 1 / 3 |
Progressive Disclosure | The content is a flat, uninformative document with no meaningful structure. There are section headers but they contain only generic placeholder text with no real content to organize or reference. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
c8a915c
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.