security-benchmark-runner
Security Benchmark Runner - Auto-activating skill for Security Advanced. Triggers on: security benchmark runner, security benchmark runner Part of the Security Advanced skill category.
Install with Tessl CLI
npx tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill security-benchmark-runnerOverall
score
17%
Does it follow best practices?
Validation for skill structure
Activation
0%This description is essentially a placeholder with no substantive content. It provides only the skill name, a circular trigger term, and a category reference without explaining what the skill does, what actions it performs, or when it should be selected. This would be unusable for skill selection among multiple options.
Suggestions
Add specific concrete actions the skill performs (e.g., 'Runs CIS benchmarks, scans for CVEs, audits system configurations against security standards')
Include a 'Use when...' clause with natural trigger terms users would say (e.g., 'Use when the user asks to check security compliance, run vulnerability scans, or audit against security benchmarks')
Remove the redundant trigger term and replace with varied natural language keywords like 'security audit', 'compliance check', 'vulnerability scan', 'CIS benchmark', 'security assessment'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. 'Security Benchmark Runner' is just a name, and 'Auto-activating skill for Security Advanced' provides no information about what the skill actually does. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no explanation of capabilities and no meaningful trigger guidance beyond the redundant skill name. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'security benchmark runner' repeated twice, which is circular and unhelpful. No natural user language like 'run security scan', 'check vulnerabilities', or 'audit security' is included. | 1 / 3 |
Distinctiveness Conflict Risk | While 'Security Benchmark Runner' sounds specific, the lack of any actual description of what it does makes it impossible to distinguish from other security-related skills. The vague 'Security Advanced skill category' reference adds no clarity. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
0%This skill content is essentially a placeholder template with no actual instructional value. It describes what a security benchmark runner skill should do without providing any concrete guidance, code, tools, or workflows. The content would be completely unhelpful to Claude attempting to assist with security benchmark tasks.
Suggestions
Add concrete examples of security benchmark tools (e.g., OpenSCAP, CIS-CAT, Lynis) with executable commands for running them
Provide a clear workflow: 1) Select benchmark profile, 2) Run scan command, 3) Parse results, 4) Generate remediation report - with validation at each step
Include actual code snippets for parsing benchmark output formats (XCCDF, OVAL) and generating compliance reports
Remove all the meta-description content ('This skill provides...', 'When to Use...') and replace with actionable technical content
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic boilerplate that provides no actual information about security benchmark running. Phrases like 'provides automated assistance' and 'follows industry best practices' are meaningless filler that waste tokens. | 1 / 3 |
Actionability | There is zero concrete guidance - no code, no commands, no specific tools, no actual steps for running security benchmarks. The content only describes what the skill claims to do without showing how to do anything. | 1 / 3 |
Workflow Clarity | No workflow is provided whatsoever. There are no steps, no sequence, no validation checkpoints - just vague claims about 'step-by-step guidance' without actually providing any. | 1 / 3 |
Progressive Disclosure | The content is a monolithic block of marketing-style text with no structure for discovery. No references to detailed documentation, no links to examples or advanced topics, just self-referential trigger phrases. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
69%Validation — 11 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
description_trigger_hint | Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...') | Warning |
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
body_steps | No step-by-step structure detected (no ordered list); consider adding a simple workflow | Warning |
Total | 11 / 16 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.