license-compliance-scanner
License Compliance Scanner - Auto-activating skill for Security Fundamentals. Triggers on: license compliance scanner, license compliance scanner Part of the Security Fundamentals skill category.
Install with Tessl CLI
npx tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill license-compliance-scannerOverall
score
19%
Does it follow best practices?
Validation for skill structure
Activation
7%This description is essentially a placeholder that provides no actionable information for skill selection. It only states the skill's name and category without describing capabilities, use cases, or natural trigger terms. Claude would have no basis for knowing when to select this skill over others.
Suggestions
Add concrete actions the skill performs, e.g., 'Scans project dependencies for license compliance issues, identifies GPL/LGPL/proprietary conflicts, generates license reports'
Include a 'Use when...' clause with natural trigger terms like 'check licenses', 'dependency compliance', 'open source audit', 'license conflicts', 'SBOM'
Remove the duplicate trigger term and replace with varied natural language users would actually use when needing license compliance help
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description only names the skill ('License Compliance Scanner') without describing any concrete actions. There are no verbs indicating what the skill actually does - no mention of scanning, checking, validating, reporting, or any specific capabilities. | 1 / 3 |
Completeness | The description fails to answer 'what does this do' (no actions described) and 'when should Claude use it' (no use cases or explicit trigger guidance). It only provides metadata about the skill's category. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'license compliance scanner' repeated twice, which is the skill's own name rather than natural keywords users would say. Missing terms like 'license check', 'dependency licenses', 'GPL', 'MIT', 'open source compliance', 'SPDX', etc. | 1 / 3 |
Distinctiveness Conflict Risk | The term 'License Compliance Scanner' is somewhat specific to a niche domain, but without describing what it actually does, it could potentially conflict with other security or compliance-related skills. The lack of specificity makes conflict assessment difficult. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%This skill content is essentially a placeholder template with no substantive information about license compliance scanning. It contains only generic descriptions of what a skill should do without any actual implementation details, code examples, tool references, or concrete guidance. The content fails to teach Claude anything about license compliance scanning.
Suggestions
Add concrete code examples showing how to scan dependencies for license compliance (e.g., using tools like license-checker, scancode-toolkit, or FOSSA)
Define a clear workflow: 1) Identify dependencies, 2) Extract license info, 3) Check against allowed/denied lists, 4) Generate compliance report
Include specific examples of license types (MIT, GPL, Apache) and their compliance implications for different use cases
Add validation steps such as how to verify scan results and handle ambiguous or missing license declarations
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic boilerplate that explains nothing Claude doesn't already know. Phrases like 'provides automated assistance' and 'follows industry best practices' are meaningless filler with no actionable information. | 1 / 3 |
Actionability | There is zero concrete guidance - no code, no commands, no specific steps, no examples of what license compliance scanning actually involves. The content describes rather than instructs. | 1 / 3 |
Workflow Clarity | No workflow is defined at all. Despite claiming to provide 'step-by-step guidance,' there are no actual steps, no sequence, and no validation checkpoints for any license scanning process. | 1 / 3 |
Progressive Disclosure | The content is a monolithic block of vague descriptions with no references to detailed materials, no links to examples, and no structured navigation to deeper content. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
69%Validation — 11 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
description_trigger_hint | Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...') | Warning |
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
body_steps | No step-by-step structure detected (no ordered list); consider adding a simple workflow | Warning |
Total | 11 / 16 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.