Log Analysis Security - Auto-activating skill for Security Advanced. Triggers on: log analysis security, log analysis security. Part of the Security Advanced skill category.
33
Quality: 0% (Does it follow best practices?)
Impact: 93%, 0.98x (Average score across 3 eval scenarios)
Passed: No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/log-analysis-security/SKILL.md
Quality
Discovery
0%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a placeholder with no substantive content. It fails on all dimensions by providing only a category label ('Security Advanced') and a repeated trigger phrase without describing any actual capabilities, use cases, or distinguishing features. The description would be useless for Claude to select this skill appropriately from a pool of available skills.
Suggestions
Add specific capabilities: describe what the skill actually does (e.g., 'Analyzes security logs to detect intrusion attempts, identify suspicious patterns, parse authentication failures, and correlate events across log sources').
Add an explicit 'Use when...' clause with natural trigger terms users would say (e.g., 'Use when analyzing security logs, investigating breaches, reviewing auth.log, syslog, or firewall logs, or detecting suspicious activity').
Include specific log types or security scenarios to distinguish from general log analysis or general security skills (e.g., 'SIEM logs, intrusion detection, failed login attempts, privilege escalation').
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | The description contains no concrete actions whatsoever. It only states it's an 'auto-activating skill' and mentions 'log analysis security' without describing what it actually does (e.g., detect threats, parse log formats, identify anomalies). | 1 / 3 |
| Completeness | The description fails to answer 'what does this do' (no capabilities listed) and 'when should Claude use it' (no explicit 'Use when...' clause). It only provides category metadata without functional information. | 1 / 3 |
| Trigger Term Quality | The only trigger terms listed are 'log analysis security' repeated twice. This is overly generic and misses natural user phrases like 'security logs', 'audit logs', 'intrusion detection', 'suspicious activity', or specific log types (syslog, auth.log, etc.). | 1 / 3 |
| Distinctiveness Conflict Risk | The description is extremely generic and would conflict with any other security or log-related skills. 'Log analysis security' provides no clear niche or distinguishing characteristics from general security analysis or general log parsing skills. | 1 / 3 |
| Total | 4 / 12 Passed | |
Implementation
0%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill content is essentially a placeholder that describes what a log analysis security skill should do without providing any actual guidance. It contains no executable code, no specific techniques, no tool recommendations, and no concrete workflows for analyzing security logs. The entire content is meta-description rather than actionable instruction.
Suggestions
Add concrete code examples for common log analysis tasks (e.g., parsing auth logs, detecting brute force patterns, identifying anomalous access)
Include specific tool recommendations with executable commands (e.g., grep patterns, awk scripts, or Python snippets for log parsing)
Define clear workflows for security log analysis scenarios with validation steps (e.g., 1. Collect logs, 2. Parse with X tool, 3. Look for Y indicators, 4. Validate findings)
Remove all meta-description content ('This skill provides...', 'Capabilities include...') and replace with actual technical guidance
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The content is padded with generic boilerplate that provides no actual value. Phrases like 'Provides step-by-step guidance' and 'Follows industry best practices' are vague filler that Claude doesn't need to be told. | 1 / 3 |
| Actionability | There is zero concrete guidance, no code examples, no specific commands, and no actual instructions for performing log analysis security tasks. The content only describes what the skill supposedly does without showing how. | 1 / 3 |
| Workflow Clarity | No workflow is defined whatsoever. Despite claiming to provide 'step-by-step guidance,' there are no actual steps, sequences, or validation checkpoints for any log analysis security task. | 1 / 3 |
| Progressive Disclosure | The content is a monolithic block of meta-description with no structure pointing to detailed materials, no references to external files, and no organized navigation to actual technical content. | 1 / 3 |
| Total | 4 / 12 Passed | |
Validation
81%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 9 / 11 Passed | |
994edc4