CtrlK
BlogDocsLog inGet started
Tessl Logo

pci-dss-validator

Pci Dss Validator - Auto-activating skill for Security Advanced. Triggers on: pci dss validator, pci dss validator Part of the Security Advanced skill category.

41

1.04x
Quality

11%

Does it follow best practices?

Impact

100%

1.04x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/pci-dss-validator/SKILL.md
SKILL.md
Quality
Evals
Security

Evaluation results

100%

11%

Payment Service Pre-Audit Security Scan

PCI-DSS code compliance scanner

Criteria
Without context
With context

Runnable scanner script

100%

100%

Scan report produced

100%

100%

PCI-DSS requirement grouping

100%

100%

PAN in logs detection

100%

100%

CVV storage detection

80%

100%

Weak cryptography detection

70%

100%

Hardcoded credentials detection

100%

100%

SQL injection detection

25%

100%

File and line references

100%

100%

Step-by-step structure

100%

100%

No non-standard dependencies

100%

100%

Standards reference in report

100%

100%

Without context: $0.5727 · 2m 36s · 21 turns · 22 in / 10,885 out tokens

With context: $0.6215 · 2m 32s · 26 turns · 58 in / 9,189 out tokens

100%

Cardholder Data Environment Scoping Assessment

Step-by-step PCI-DSS scoping assessment

Criteria
Without context
With context

CDE component identification

100%

100%

PCI-DSS requirement mapping

100%

100%

Network segmentation gap

100%

100%

Access control gaps identified

100%

100%

MFA gap identified

100%

100%

Orphaned access gap identified

100%

100%

Logging / monitoring gap

100%

100%

CI/CD secrets gap

100%

100%

Prioritized remediation

100%

100%

Step-by-step structure

100%

100%

Tokenization scope reduction

100%

100%

IDS/WAF recommendation

100%

100%

Without context: $0.4348 · 3m 15s · 12 turns · 13 in / 10,072 out tokens

With context: $0.5852 · 3m 27s · 22 turns · 284 in / 10,787 out tokens

100%

PCI DSS Threat Model for a Payment Microservice

Production-ready PCI-DSS network controls

Criteria
Without context
With context

Structured methodology used

100%

100%

threat_matrix.json produced

100%

100%

PCI-DSS requirement numbers in matrix

100%

100%

CVV in debug logs threat

100%

100%

Secrets at rest threat

100%

100%

TLS configuration threat

100%

100%

Insider/lateral movement threat

100%

100%

Risk rating assigned

100%

100%

Recommended controls specific

100%

100%

Step-by-step structure

100%

100%

Data flow coverage

100%

100%

No raw PAN in logs control

100%

100%

Without context: $0.4509 · 2m 55s · 14 turns · 14 in / 10,097 out tokens

With context: $0.6972 · 3m 53s · 25 turns · 131 in / 12,978 out tokens

Repository
jeremylongshore/claude-code-plugins-plus-skills
Commit

994edc4

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

Payment Service Pre-Audit Security ScanCardholder Data Environment Scoping AssessmentPCI DSS Threat Model for a Payment Microservice

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill