s3-bucket-policy-generator
S3 Bucket Policy Generator - Auto-activating skill for AWS Skills. Triggers on: s3 bucket policy generator, s3 bucket policy generator Part of the AWS Skills skill category.
35
3%
Does it follow best practices?
Impact
93%
0.98xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/13-aws-skills/s3-bucket-policy-generator/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is extremely weak, consisting primarily of a title and metadata rather than a functional description of capabilities. It lacks concrete actions, natural trigger terms, and any explicit guidance on when Claude should select this skill. The duplicated trigger term and boilerplate 'Part of the AWS Skills skill category' add no useful information.
Suggestions
Add concrete actions the skill performs, e.g., 'Generates JSON S3 bucket policies for access control, including public access restrictions, cross-account access, IP-based restrictions, and VPC endpoint policies.'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user asks about S3 permissions, bucket access policies, restricting S3 access, S3 ACLs, or generating IAM policies for S3 buckets.'
Remove the duplicated trigger term and replace with diverse natural language variations users might actually say, such as 'S3 permissions', 'bucket access control', 'restrict bucket access', 'S3 policy JSON'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description names the domain (S3 bucket policies) but does not describe any concrete actions. It says 'S3 Bucket Policy Generator' but doesn't explain what generating a policy entails—no mention of specific capabilities like defining access rules, setting permissions, configuring principals, or outputting JSON policies. | 1 / 3 |
Completeness | The 'what' is extremely weak—it only names itself without describing capabilities. The 'when' is missing entirely; there is no 'Use when...' clause or equivalent explicit trigger guidance. The description is mostly metadata (category, trigger list) rather than functional description. | 1 / 3 |
Trigger Term Quality | The trigger terms are just 's3 bucket policy generator' repeated twice. It misses natural variations users would say like 'S3 permissions', 'bucket access policy', 'IAM policy for S3', 'restrict S3 access', or 'S3 ACL'. The terms are narrow and redundantly duplicated. | 1 / 3 |
Distinctiveness Conflict Risk | The mention of 'S3 bucket policy' is fairly specific to a particular AWS service, which provides some distinctiveness. However, it could overlap with broader AWS IAM or security policy skills since the description doesn't clearly delineate its scope. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is essentially a placeholder with no substantive content. It contains no actual S3 bucket policy examples, no JSON templates, no guidance on principals/actions/conditions, and no validation steps. It repeatedly restates the skill name without providing any actionable information.
Suggestions
Add concrete S3 bucket policy JSON examples for common use cases (e.g., public read, cross-account access, VPC endpoint restriction, enforce encryption).
Include a workflow: 1) Identify use case, 2) Select principal/action/resource/condition, 3) Generate policy JSON, 4) Validate with `aws s3api put-bucket-policy --bucket <name> --policy file://policy.json` and test access.
Remove all meta-description sections ('When to Use', 'Example Triggers', 'Capabilities') and replace with actual policy templates and security best practices (e.g., always deny HTTP, restrict to specific IAM roles).
Add references to related materials such as IAM policy condition keys for S3, common security anti-patterns, and links to AWS documentation for advanced scenarios.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is entirely filler and meta-description. It explains what the skill does in abstract terms without providing any actual S3 bucket policy content, examples, or instructions. Every section restates the same vague information. | 1 / 3 |
Actionability | There is zero concrete guidance—no policy JSON examples, no IAM principal patterns, no specific S3 actions, no executable code or commands. It only describes rather than instructs. | 1 / 3 |
Workflow Clarity | No workflow, steps, or process is defined. Generating S3 bucket policies involves understanding the use case, selecting principals/actions/resources, and validating the policy—none of which is addressed. | 1 / 3 |
Progressive Disclosure | The content is a flat, repetitive page with no meaningful structure, no references to detailed materials, and no navigation to related resources like IAM policy syntax or common policy templates. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
933cf26
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.