firebase-auth
Build with Firebase Authentication - email/password, OAuth providers, phone auth, and custom tokens. Use when: setting up auth flows, implementing sign-in/sign-up, managing user sessions, protecting routes, or troubleshooting auth/invalid-credential, auth/popup-closed, auth/user-not-found, or token refresh errors. Prevents 12 documented errors.
Overall
score
87%
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that hits all the marks. It uses third person voice, provides specific capabilities (auth methods), includes an explicit 'Use when:' clause with both common scenarios and specific error codes as triggers, and is clearly scoped to Firebase Authentication specifically. The inclusion of documented error codes is particularly strong for trigger matching.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'email/password, OAuth providers, phone auth, and custom tokens' as auth methods, plus 'setting up auth flows, implementing sign-in/sign-up, managing user sessions, protecting routes' as specific tasks. | 3 / 3 |
Completeness | Clearly answers both what ('Build with Firebase Authentication' with specific auth methods) AND when (explicit 'Use when:' clause covering setup, implementation, management, and troubleshooting scenarios with specific error codes). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'Firebase Authentication', 'auth flows', 'sign-in/sign-up', 'user sessions', 'protecting routes', plus specific error codes like 'auth/invalid-credential', 'auth/popup-closed', 'auth/user-not-found', 'token refresh errors'. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with 'Firebase Authentication' as a clear niche, specific Firebase error codes as triggers, and focused scope that wouldn't conflict with general auth skills or other Firebase services. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a highly actionable Firebase Authentication skill with excellent executable code examples and clear workflow sequences. The main weaknesses are its length (could be split into focused sub-documents) and some verbosity in explanatory sections that Claude doesn't need. The error handling table and Known Issues Prevention section add significant value for preventing common mistakes.
Suggestions
Split into multiple files: keep SKILL.md as overview with Quick Start, then reference separate files for OAuth (OAUTH.md), MFA (MFA.md), and Session Management (SESSIONS.md)
Remove or condense the Security Best Practices section - most items are standard security knowledge Claude already has
Trim the Known Issues Prevention table to just the non-obvious issues (#4, #5, #8, #9) since others are standard error handling
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is comprehensive but includes some unnecessary verbosity, such as the detailed Known Issues Prevention table and extensive OAuth provider setup that could be condensed. The security best practices section contains guidance Claude already knows. | 2 / 3 |
Actionability | Excellent executable code examples throughout - all TypeScript snippets are copy-paste ready with proper imports, error handling, and real-world patterns. The code covers complete flows from initialization to token verification. | 3 / 3 |
Workflow Clarity | Multi-step processes are clearly sequenced with numbered steps (Quick Start, Phone Auth steps 1-3, MFA enrollment). Critical validation points are highlighted with CRITICAL callouts and explicit error handling patterns. | 3 / 3 |
Progressive Disclosure | The skill is a monolithic 500+ line document that could benefit from splitting into separate files (e.g., OAuth providers, MFA, session management). While sections are well-organized with clear headers, there are no references to external detailed documentation files. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
75%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 12 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
skill_md_line_count | SKILL.md is long (735 lines); consider splitting into references/ and linking | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
license_field | 'license' field is missing | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 12 / 16 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.