azure-auth
Microsoft Entra ID (Azure AD) authentication for React SPAs with MSAL.js and Cloudflare Workers JWT validation using jose library. Full-stack pattern with Authorization Code Flow + PKCE. Prevents 8 documented errors. Use when: implementing Microsoft SSO, troubleshooting AADSTS50058 loops, AADSTS700084 refresh token errors, React Router redirects, setActiveAccount re-render issues, or validating Entra ID tokens in Workers.
87
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that excels across all dimensions. It provides specific technical details about the implementation stack, includes highly searchable trigger terms including specific error codes that developers would encounter, has an explicit 'Use when:' clause with concrete scenarios, and occupies a distinct niche that won't conflict with other authentication skills.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'authentication for React SPAs with MSAL.js', 'Cloudflare Workers JWT validation using jose library', 'Authorization Code Flow + PKCE', and mentions preventing '8 documented errors'. Very specific technical implementation details. | 3 / 3 |
Completeness | Clearly answers both what (Microsoft Entra ID authentication pattern with specific technologies) AND when with explicit 'Use when:' clause listing specific scenarios including error codes, implementation tasks, and troubleshooting situations. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would search for: 'Microsoft Entra ID', 'Azure AD', 'MSAL.js', 'Microsoft SSO', specific error codes like 'AADSTS50058' and 'AADSTS700084', 'React Router redirects', 'setActiveAccount', 'Cloudflare Workers'. These are exactly what developers would type when facing these issues. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a very specific niche: Microsoft Entra ID + React SPA + Cloudflare Workers + specific error codes. Unlikely to conflict with generic auth skills due to the precise technology stack and error code references. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a high-quality, actionable skill with excellent executable code examples and comprehensive error handling documentation. The workflow is clear with proper validation patterns. However, the document is overly long and could benefit from splitting migration/deprecation content into separate files and trimming explanatory sections that assume less of Claude's knowledge.
Suggestions
Move Azure AD B2C Sunset and ADAL Retirement sections to a separate MIGRATION.md file, keeping only a brief note with link in the main skill
Remove the 'Why jose Instead of MSAL' explanation - a single comment in the code noting Workers compatibility is sufficient
Consider splitting the Common Errors section into a separate TROUBLESHOOTING.md file, keeping only the top 3 most frequent errors inline
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is comprehensive but includes some unnecessary verbosity, such as the architecture diagram explanation and detailed migration information that could be linked externally. The 'Why jose Instead of MSAL' section explains concepts Claude likely knows. | 2 / 3 |
Actionability | Excellent executable code throughout - complete TypeScript examples for MSAL configuration, token validation, protected routes, and error handling. All code is copy-paste ready with proper imports and type annotations. | 3 / 3 |
Workflow Clarity | Clear sequential setup steps (Install → Azure Portal → Frontend → Backend), explicit error handling patterns with try/catch blocks, and the Common Errors section provides excellent validation/recovery guidance for each failure mode. | 3 / 3 |
Progressive Disclosure | Content is well-organized with clear sections, but the document is monolithic at ~500 lines. Migration information (B2C sunset, ADAL retirement) and multi-tenant details could be split into separate reference files. External links are provided but inline content is heavy. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
75%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 12 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
skill_md_line_count | SKILL.md is long (623 lines); consider splitting into references/ and linking | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
license_field | 'license' field is missing | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 12 / 16 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.