security-benchmark-runner
Security Benchmark Runner - Auto-activating skill for Security Advanced. Triggers on: security benchmark runner, security benchmark runner Part of the Security Advanced skill category.
38
Quality
7%
Does it follow best practices?
Impact
94%
1.02xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/security-benchmark-runner/SKILL.mdQuality
Discovery
7%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is severely deficient, essentially providing only a skill name and category without any substantive information about capabilities or use cases. It reads like auto-generated placeholder text rather than a functional skill description. Claude would have no meaningful basis for selecting this skill appropriately.
Suggestions
Add specific concrete actions the skill performs (e.g., 'Runs CIS benchmarks, scans for CVEs, audits system configurations against security standards')
Include a 'Use when...' clause with natural trigger terms users would say (e.g., 'Use when the user asks to check security compliance, run vulnerability scans, or audit against security benchmarks')
Remove the redundant trigger term repetition and replace with varied, natural language terms like 'security audit', 'compliance check', 'vulnerability assessment', 'CIS benchmark'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. 'Security Benchmark Runner' is just a name, and 'Auto-activating skill for Security Advanced' provides no information about what the skill actually does. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no explanation of capabilities and no meaningful trigger guidance beyond the redundant skill name. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are 'security benchmark runner' repeated twice, which is circular and unhelpful. No natural user language like 'run security scan', 'check vulnerabilities', or 'audit security' is included. | 1 / 3 |
Distinctiveness Conflict Risk | While 'Security Benchmark Runner' is a specific name that provides some distinctiveness, the lack of actual capability description means it could easily conflict with other security-related skills. The category mention 'Security Advanced' is too vague. | 2 / 3 |
Total | 5 / 12 Passed |
Implementation
7%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is a placeholder template with no actual content. It describes capabilities abstractly without providing any concrete guidance, code examples, or workflows for security benchmark running. The skill fails to teach Claude anything actionable about the domain.
Suggestions
Add concrete code examples or commands for running security benchmarks (e.g., specific tools like OpenSCAP, CIS-CAT, or custom scripts with actual syntax)
Define a clear workflow with numbered steps for executing a security benchmark, including validation checkpoints and error handling
Remove generic boilerplate sections ('Capabilities', 'Example Triggers') and replace with specific, actionable content about benchmark configuration, execution, and result interpretation
Include specific benchmark frameworks or standards (CIS Benchmarks, STIG, etc.) with concrete implementation guidance
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic boilerplate that provides no actual value. Phrases like 'Provides step-by-step guidance' and 'Follows industry best practices' are vague filler that Claude already understands conceptually. | 1 / 3 |
Actionability | There is no concrete guidance, code, commands, or specific instructions. The entire skill describes what it does abstractly without providing any executable or actionable content for security benchmark running. | 1 / 3 |
Workflow Clarity | No workflow is defined. There are no steps, sequences, or validation checkpoints. The skill claims to provide 'step-by-step guidance' but contains none. | 1 / 3 |
Progressive Disclosure | The content is organized into sections with headers, but there are no references to detailed materials, examples, or external files. The structure exists but contains no substantive content to disclose progressively. | 2 / 3 |
Total | 5 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
994edc4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.