input-validation-checker
Input Validation Checker - Auto-activating skill for Security Fundamentals. Triggers on: input validation checker, input validation checker Part of the Security Fundamentals skill category.
38
Quality
7%
Does it follow best practices?
Impact
96%
1.09xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/input-validation-checker/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is severely underdeveloped, consisting primarily of metadata rather than actionable content. It fails to explain what the skill actually does, provides no natural trigger terms users would say, and lacks any 'Use when...' guidance. The repeated trigger term suggests auto-generated or placeholder content.
Suggestions
Add specific capabilities: 'Validates user inputs for security vulnerabilities including SQL injection, XSS, command injection, and path traversal attacks.'
Include a 'Use when...' clause with natural triggers: 'Use when reviewing code for input validation, checking form handlers, sanitizing user data, or when the user mentions security review, input sanitization, or injection prevention.'
Add natural keywords users would say: 'validate inputs', 'sanitize data', 'check for injection', 'form validation', 'user input security', 'escape characters'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description only names the skill ('Input Validation Checker') without describing any concrete actions. There are no specific capabilities listed like 'validates user inputs', 'checks for SQL injection', or 'sanitizes form data'. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no 'Use when...' clause and no explanation of the skill's actual functionality beyond its category membership. | 1 / 3 |
Trigger Term Quality | The trigger terms are just the skill name repeated twice ('input validation checker, input validation checker'). No natural user keywords like 'sanitize', 'validate form', 'check user input', 'SQL injection', or 'XSS' are included. | 1 / 3 |
Distinctiveness Conflict Risk | While 'Input Validation' is a somewhat specific security domain, the lack of concrete details means it could overlap with other security-related skills. The mention of 'Security Fundamentals' category provides some context but insufficient differentiation. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
7%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is essentially a placeholder template with no actionable content. It describes what an input validation checker skill should do without providing any actual validation techniques, code examples, patterns, or concrete guidance. The content fails to teach Claude anything about input validation security practices.
Suggestions
Add concrete code examples showing input validation patterns (e.g., sanitizing user input, validating email formats, preventing SQL injection)
Include specific validation functions or libraries with executable code snippets for common languages
Define a clear workflow for validating different input types (strings, numbers, files, JSON) with validation checkpoints
Replace generic capability descriptions with actual security patterns like allowlist validation, type checking, and length constraints
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic boilerplate that provides no actual value. Phrases like 'provides automated assistance' and 'follows industry best practices' are vague filler that Claude already understands conceptually. | 1 / 3 |
Actionability | There is no concrete guidance, code, commands, or specific examples. The skill describes what it does in abstract terms but never shows how to actually validate input or implement any security checks. | 1 / 3 |
Workflow Clarity | No workflow, steps, or process is defined. The skill claims to provide 'step-by-step guidance' but contains zero actual steps for input validation tasks. | 1 / 3 |
Progressive Disclosure | The content is organized into sections with headers, but there are no references to detailed materials, examples, or external files. The structure exists but contains no substantive content to disclose. | 2 / 3 |
Total | 5 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
994edc4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.