ideogram-security-basics
Apply Ideogram security best practices for secrets and access control. Use when securing API keys, implementing least privilege access, or auditing Ideogram security configuration. Trigger with phrases like "ideogram security", "ideogram secrets", "secure ideogram", "ideogram API key security".
Install with Tessl CLI
npx tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill ideogram-security-basics90
Quality
87%
Does it follow best practices?
Impact
99%
1.37xAverage score across 3 eval scenarios
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-structured skill description with explicit trigger guidance and clear 'Use when' scenarios. The main weakness is that the specific actions described (securing API keys, least privilege, auditing) are somewhat generic security concepts that could be more concrete about what Ideogram-specific operations are performed.
Suggestions
Add more Ideogram-specific concrete actions (e.g., 'configure Ideogram webhook authentication', 'rotate Ideogram API tokens', 'set up Ideogram organization permissions') to improve specificity.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (Ideogram security) and mentions some actions ('securing API keys', 'implementing least privilege access', 'auditing security configuration'), but these are somewhat generic security concepts rather than highly specific concrete actions unique to Ideogram. | 2 / 3 |
Completeness | Clearly answers both what (apply security best practices for secrets and access control) and when (explicit 'Use when...' clause with specific scenarios plus 'Trigger with phrases' providing additional guidance). | 3 / 3 |
Trigger Term Quality | Explicitly lists natural trigger phrases users would say: 'ideogram security', 'ideogram secrets', 'secure ideogram', 'ideogram API key security'. These are practical, user-oriented terms with good coverage of variations. | 3 / 3 |
Distinctiveness Conflict Risk | The Ideogram-specific focus creates a clear niche. The combination of 'Ideogram' with security terms makes it unlikely to conflict with general security skills or other platform-specific skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a solid security skill with excellent actionability through concrete, executable code examples and clear workflow steps for secret rotation. The main weakness is some verbosity in the prerequisites and overview sections, plus the audit logging example may be more detailed than necessary for a 'basics' skill. Overall structure and progressive disclosure are well-executed.
Suggestions
Remove the Prerequisites section - Claude understands environment variables and SDK installation
Consider moving the detailed audit logging example to a separate advanced security skill, keeping only a brief mention here
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is mostly efficient but includes some unnecessary elements like the 'Prerequisites' section (Claude knows what environment variables are) and the 'Overview' line that adds little value. The audit logging example is quite verbose for a security basics skill. | 2 / 3 |
Actionability | Provides fully executable code examples including bash commands, TypeScript patterns, and curl verification. The webhook signature verification and service account patterns are copy-paste ready with proper imports and type definitions. | 3 / 3 |
Workflow Clarity | Secret rotation has clear numbered steps with explicit verification (curl health check) before revoking old key. The security checklist provides validation checkpoints, and the error handling table maps detection to mitigation actions. | 3 / 3 |
Progressive Disclosure | Well-structured with clear sections progressing from basic setup to advanced patterns. References external resources appropriately (Ideogram docs, prod-checklist) without deep nesting. Content is appropriately scoped for a 'basics' skill. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.