password-strength-analyzer
Password Strength Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: password strength analyzer, password strength analyzer Part of the Security Fundamentals skill category.
33
3%
Does it follow best practices?
Impact
83%
0.95xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/password-strength-analyzer/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a restated title with no substantive content. It fails to describe what the skill actually does, provides no natural trigger terms beyond the skill name repeated, and lacks any explicit 'Use when...' guidance. It would be nearly indistinguishable from any other security-related skill in a large skill library.
Suggestions
Add concrete actions the skill performs, e.g., 'Evaluates password strength by checking length, character diversity, entropy, and common password lists. Suggests improvements for weak passwords.'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user asks to check a password, evaluate password security, test password strength, or wants to know if a password is strong enough.'
Remove the redundant duplicate trigger term ('password strength analyzer' listed twice) and replace with varied natural phrases users would actually say, such as 'password checker', 'is my password secure', 'password safety'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description names the domain ('password strength') but does not describe any concrete actions like 'checks entropy', 'evaluates character diversity', 'suggests improvements', etc. It merely states the skill name twice. | 1 / 3 |
Completeness | The description fails to answer 'what does this do' beyond restating the title, and the 'when' clause is just a repetition of the skill name rather than meaningful trigger guidance. Both dimensions are very weak. | 1 / 3 |
Trigger Term Quality | The only trigger term is 'password strength analyzer' repeated twice. It misses natural user phrases like 'check my password', 'is this password secure', 'password security', 'strong password', or 'password checker'. | 1 / 3 |
Distinctiveness Conflict Risk | The phrase 'password strength' is somewhat specific to a niche, which reduces conflict with unrelated skills. However, the lack of concrete actions or clear scope means it could overlap with broader security-related skills. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is entirely a meta-description placeholder with no actual instructional content. It contains no executable code, no password strength criteria, no scoring algorithms, no examples, and no concrete guidance of any kind. It reads like an auto-generated template that was never filled in with real content.
Suggestions
Add concrete password strength evaluation criteria (minimum length, character classes, entropy calculation, common password dictionary checks) with executable code examples.
Include a specific workflow: e.g., 1) Check length, 2) Check character diversity, 3) Check against common password lists, 4) Calculate entropy score, 5) Return strength rating with feedback.
Provide at least one complete, copy-paste-ready code example (e.g., a Python function that scores a password and returns actionable feedback).
Remove all generic meta-description sections (Purpose, When to Use, Example Triggers) and replace with actual technical content that teaches how to analyze password strength.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic filler that tells Claude nothing it doesn't already know. Phrases like 'Provides step-by-step guidance' and 'Follows industry best practices' are vacuous. The entire body could be replaced with actual password strength analysis logic in fewer tokens. | 1 / 3 |
Actionability | There is zero concrete guidance—no code, no algorithms, no specific criteria for evaluating password strength, no commands, no examples of input/output. It only describes what the skill supposedly does without actually doing it. | 1 / 3 |
Workflow Clarity | No workflow, steps, or process is defined. The skill claims to provide 'step-by-step guidance' but contains none. There are no validation checkpoints or any sequenced instructions. | 1 / 3 |
Progressive Disclosure | The content is a monolithic block of meta-description with no meaningful structure. There are no references to detailed files, no quick-start section, and no navigation to deeper content. The sections that exist (Purpose, When to Use, Capabilities) are all boilerplate with no substance. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
c8a915c
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.