password-strength-analyzer
Password Strength Analyzer - Auto-activating skill for Security Fundamentals. Triggers on: password strength analyzer, password strength analyzer Part of the Security Fundamentals skill category.
33
3%
Does it follow best practices?
Impact
83%
0.95xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/password-strength-analyzer/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is extremely thin—it essentially restates the skill's title without explaining what it does or when it should be used. It lacks concrete actions, meaningful trigger terms, and explicit activation guidance, making it nearly useless for skill selection among a large set of available skills.
Suggestions
Add concrete actions the skill performs, e.g., 'Evaluates password strength by analyzing length, character diversity, entropy, and common pattern usage. Provides a strength score and improvement recommendations.'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user asks to check a password, evaluate password security, test password strength, or wants to know if a password is strong enough.'
Remove the duplicate trigger term ('password strength analyzer' is listed twice) and expand with natural user language variations like 'is my password secure', 'password checker', 'how strong is this password'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description names the domain ('Password Strength Analyzer') but does not describe any concrete actions. There is no mention of what the skill actually does—e.g., checking entropy, evaluating character diversity, scoring passwords, or providing improvement suggestions. | 1 / 3 |
Completeness | The description fails to clearly answer 'what does this do' beyond the title, and the 'when' clause is essentially just the skill name repeated. There is no explicit 'Use when...' guidance with meaningful triggers. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'password strength analyzer' repeated twice. It misses natural user phrases like 'check my password', 'is this password secure', 'password security', 'how strong is my password', etc. | 1 / 3 |
Distinctiveness Conflict Risk | The phrase 'password strength' is fairly specific and unlikely to conflict with most other skills, but the lack of concrete actions and the vague 'Security Fundamentals' category could cause overlap with other security-related skills. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is an empty template with no substantive content whatsoever. It contains only generic boilerplate descriptions that could apply to any topic, with no actual guidance on password strength analysis—no scoring algorithms, no entropy calculations, no code examples, no OWASP references, no concrete criteria. It provides zero value beyond what Claude already knows.
Suggestions
Add concrete, executable code for a password strength analyzer (e.g., a Python function that checks length, character diversity, entropy, and common password lists).
Include specific password strength criteria and scoring rubrics (e.g., NIST SP 800-63B guidelines, zxcvbn-style scoring, minimum entropy thresholds).
Provide example inputs and expected outputs showing how passwords of varying complexity are scored and what feedback is returned.
Remove all generic boilerplate sections ('When to Use', 'Example Triggers', 'Capabilities') and replace with actionable security-specific content such as common vulnerability patterns in password validation.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is entirely filler and boilerplate. It explains nothing Claude doesn't already know, contains no domain-specific information about password strength analysis, and every section is generic template text that could apply to any skill. | 1 / 3 |
Actionability | There is zero concrete guidance—no code, no algorithms, no specific criteria for password strength evaluation, no commands, no examples of input/output. Every bullet point is vague and abstract (e.g., 'Provides step-by-step guidance' without any actual steps). | 1 / 3 |
Workflow Clarity | No workflow is defined at all. There are no steps, no sequence, no validation checkpoints. The skill claims to provide 'step-by-step guidance' but contains none. | 1 / 3 |
Progressive Disclosure | No bundle files exist, no references to external resources, and the content itself is a flat list of generic sections with no meaningful structure or navigation. There is nothing to progressively disclose because there is no substantive content. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
13d35b8
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.