oauth-client-setup
Oauth Client Setup - Auto-activating skill for API Integration. Triggers on: oauth client setup, oauth client setup Part of the API Integration skill category.
33
3%
Does it follow best practices?
Impact
85%
1.03xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/16-api-integration/oauth-client-setup/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a boilerplate template with no substantive content. It repeats the skill name as its own trigger term, provides no concrete actions or capabilities, and lacks any explicit guidance on when Claude should select this skill. It would be nearly indistinguishable from other API-related skills in a multi-skill environment.
Suggestions
Add specific concrete actions the skill performs, e.g., 'Configures OAuth 2.0 client credentials, registers redirect URIs, generates client ID and secret pairs, and sets up authorization flows (authorization code, client credentials, implicit).'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user needs to set up OAuth authentication, configure API credentials, register an OAuth app, or mentions client ID, client secret, redirect URI, or authorization flow.'
Remove the duplicated trigger term ('oauth client setup' appears twice) and expand with natural variations users would actually say, such as 'OAuth2 setup', 'API authentication', 'app registration', 'client credentials', 'access tokens'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description only names the domain ('oauth client setup') without describing any concrete actions. There are no specific capabilities listed such as 'configure redirect URIs', 'generate client credentials', or 'register OAuth applications'. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no explicit 'Use when...' clause, and the 'what' is essentially just the skill name restated. The description is boilerplate template text rather than meaningful content. | 1 / 3 |
Trigger Term Quality | The trigger terms are just 'oauth client setup' repeated twice. Missing natural variations users would say like 'OAuth2', 'client ID', 'client secret', 'API credentials', 'authorization', 'access token', or 'app registration'. | 1 / 3 |
Distinctiveness Conflict Risk | While 'OAuth client setup' is a somewhat specific domain, the vague description and mention of the broad 'API Integration' category could cause overlap with other API-related skills. The lack of specific actions makes it harder to distinguish from general API configuration skills. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is a hollow template with no substantive content. It contains only self-referential descriptions of what it claims to do without any actual OAuth client setup instructions, code examples, configuration details, or workflow steps. It provides zero value to Claude for performing OAuth client setup tasks.
Suggestions
Add concrete, executable code examples for OAuth client setup (e.g., registering a client, configuring redirect URIs, implementing the authorization code flow with a specific library).
Define a clear multi-step workflow: 1) Register OAuth app, 2) Configure scopes/redirect URIs, 3) Implement token exchange, 4) Validate token response—with specific commands or code at each step.
Remove all meta-description sections ('When to Use', 'Example Triggers', 'Capabilities') that describe the skill itself rather than teaching how to perform OAuth client setup.
Add security best practices specific to OAuth (e.g., use PKCE for public clients, store secrets securely, validate state parameter) as concise, actionable bullet points.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is entirely filler and meta-description. It explains what the skill does in abstract terms without providing any actual OAuth client setup instructions, code, or concrete guidance. Every section restates the same vague idea. | 1 / 3 |
Actionability | There is zero concrete, executable guidance—no code snippets, no commands, no specific OAuth flows, no configuration examples. The content only describes what it would do rather than actually doing it. | 1 / 3 |
Workflow Clarity | No workflow steps are defined. Claims to provide 'step-by-step guidance' but none is actually present. OAuth client setup involves multiple steps (registration, redirect URIs, token exchange) and none are outlined. | 1 / 3 |
Progressive Disclosure | No meaningful structure or references to detailed content. The sections are purely meta-descriptive headers with no real content beneath them, and no links to further resources or documentation. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
4dee593
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.