CtrlK
CommunityDocumentationLog inGet started
Tessl Logo

validating-authentication-implementations

tessl i github:jeremylongshore/claude-code-plugins-plus-skills --skill validating-authentication-implementations

This skill enables Claude to validate authentication implementations against security best practices and industry standards. It analyzes various authentication methods, including JWT, OAuth, session-based authentication, and API keys. Use this skill when you need to perform an authentication security check, assess password policies, evaluate MFA implementation, or analyze session security. Trigger this skill with phrases like "validate authentication," "authentication check," or "authcheck."

60%

Overall

Validation81%

Implementation20%

Activation100%

SKILL.md
Review
Evals

Validation

81%
CriteriaDescriptionResult

metadata_version

'metadata' field is not a dictionary

Warning

license_field

'license' field is missing

Warning

body_output_format

No obvious output/return/format terms detected; consider specifying expected outputs

Warning

Total

13

/

16

Passed

Implementation

20%

This skill content is overly descriptive and lacks actionable guidance. It explains what the skill does conceptually but provides no executable code, specific commands, or concrete validation steps. The content assumes Claude needs explanation of basic security concepts rather than providing the specific instructions needed to perform authentication validation.

Suggestions

Replace abstract descriptions with concrete, executable code examples showing how to actually validate JWT tokens, session cookies, and password policies

Add specific validation commands or scripts that Claude can run, rather than describing what a plugin will do

Remove explanatory content about what authentication methods are and focus on the specific checks and their expected outputs

Include a checklist or validation criteria with pass/fail conditions for each authentication type

DimensionReasoningScore

Conciseness

The content is verbose and explains concepts Claude already knows (what JWT is, what session cookies are, basic security concepts). The 'How It Works' and 'When to Use This Skill' sections repeat information and add little actionable value.

1 / 3

Actionability

No concrete code, commands, or executable guidance provided. The skill describes what will happen abstractly ('The skill will analyze...') but never shows actual validation commands, code snippets, or specific checks to perform.

1 / 3

Workflow Clarity

Steps are listed in a sequence (initiate, analyze, generate report) but lack validation checkpoints, error handling, or feedback loops. The examples describe outcomes but not how to verify or iterate on findings.

2 / 3

Progressive Disclosure

Content is organized into sections but everything is inline in one file. The 'Best Practices' section could be a separate reference, and there are no links to detailed documentation for specific authentication types.

2 / 3

Total

6

/

12

Passed

Activation

100%

This is a well-crafted skill description that excels across all dimensions. It provides specific capabilities, includes natural trigger terms users would say, explicitly states both what the skill does and when to use it, and carves out a distinct niche in authentication security validation. The description uses proper third-person voice throughout.

DimensionReasoningScore

Specificity

Lists multiple specific concrete actions: 'validate authentication implementations', 'analyzes various authentication methods', 'perform an authentication security check', 'assess password policies', 'evaluate MFA implementation', 'analyze session security'. Also names specific technologies: JWT, OAuth, session-based authentication, API keys.

3 / 3

Completeness

Clearly answers both what ('validate authentication implementations against security best practices', 'analyzes various authentication methods') AND when ('Use this skill when you need to perform an authentication security check...') with explicit trigger phrases provided.

3 / 3

Trigger Term Quality

Includes good coverage of natural terms: 'validate authentication', 'authentication check', 'authcheck', 'password policies', 'MFA implementation', 'session security', plus technology names like 'JWT', 'OAuth', 'API keys' that users would naturally mention.

3 / 3

Distinctiveness Conflict Risk

Clear niche focused specifically on authentication security validation. The specific focus on auth methods (JWT, OAuth, sessions, API keys) and security aspects (password policies, MFA, session security) creates distinct triggers unlikely to conflict with general security or coding skills.

3 / 3

Total

12

/

12

Passed

Reviewed

Table of Contents

ValidationImplementationActivation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill