zero-trust-config-helper
Zero Trust Config Helper - Auto-activating skill for Security Advanced. Triggers on: zero trust config helper, zero trust config helper Part of the Security Advanced skill category.
34
0%
Does it follow best practices?
Impact
100%
1.00xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/zero-trust-config-helper/SKILL.mdQuality
Discovery
0%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a placeholder with no substantive content. It repeats the skill name as its only trigger term, provides zero information about what the skill actually does, and lacks any 'Use when...' guidance. It would be nearly impossible for Claude to correctly select this skill from a pool of available skills.
Suggestions
Add concrete actions describing what the skill does, e.g., 'Generates zero trust network architecture configurations, validates access control policies, and creates micro-segmentation rules.'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user asks about zero trust architecture, network access policies, identity-based security, micro-segmentation, or least-privilege access configurations.'
Remove the redundant duplicate trigger term and replace with varied natural language terms users would actually say, such as 'zero trust', 'ZTA', 'network security config', 'access control policies', 'identity verification setup'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. It only names itself ('Zero Trust Config Helper') and states it's part of 'Security Advanced' but never describes what it actually does—no verbs like 'configures', 'validates', 'generates', etc. | 1 / 3 |
Completeness | Neither 'what does this do' nor 'when should Claude use it' is meaningfully answered. There is no 'Use when...' clause, and the 'what' is entirely absent beyond the skill name itself. | 1 / 3 |
Trigger Term Quality | The only trigger terms listed are the skill's own name repeated twice ('zero trust config helper'). There are no natural user keywords like 'zero trust architecture', 'network segmentation', 'access policies', 'security configuration', or any terms a user would naturally say. | 1 / 3 |
Distinctiveness Conflict Risk | The description is so vague that it's unclear what domain it covers beyond 'zero trust' and 'security'. Without specific actions or triggers, it could easily conflict with any other security-related skill and provides no clear niche. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is essentially a placeholder template with no substantive content. It contains zero actionable information about zero trust architecture, network segmentation, identity verification, micro-segmentation, or any other concrete zero trust concepts. Every section restates the skill name without providing any actual guidance, making it completely non-functional as a skill.
Suggestions
Add concrete zero trust configuration examples (e.g., network policy YAML for Kubernetes, identity-aware proxy configs, micro-segmentation rules) with executable code or configuration snippets.
Define a clear multi-step workflow for implementing zero trust: e.g., 1) Inventory assets, 2) Define trust boundaries, 3) Configure identity verification, 4) Apply least-privilege policies, 5) Validate with specific test commands.
Remove all generic filler text ('Provides step-by-step guidance', 'Follows industry best practices') and replace with specific zero trust principles, tool references (e.g., BeyondCorp, SPIFFE/SPIRE, OPA), and concrete configuration patterns.
Add references to supporting files for detailed topics like compliance mapping (SOC2/GDPR to zero trust controls), threat model templates, and example policy-as-code configurations.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is padded with generic filler text that tells Claude nothing it doesn't already know. Phrases like 'Provides step-by-step guidance' and 'Follows industry best practices' are vacuous. There is zero domain-specific information about zero trust architecture, configurations, or security patterns. | 1 / 3 |
Actionability | There are no concrete instructions, commands, code snippets, configuration examples, or specific guidance whatsoever. The entire skill describes what it does in abstract terms without ever actually doing or teaching anything actionable. | 1 / 3 |
Workflow Clarity | No workflow, steps, or process is defined. The skill claims to provide 'step-by-step guidance' but contains none. For a security configuration task, there are no validation checkpoints, no sequenced operations, and no error handling. | 1 / 3 |
Progressive Disclosure | The content is a flat, monolithic block with no references to supporting files, no structured navigation, and no separation of overview from detailed content. There are no bundle files to support it either. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
13d35b8
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.