x-api
Read and post to X/Twitter via API. Check mentions, post tweets, search. Use app bearer tokens for read-only fetches and OAuth 1.0a user context for account actions.
78
73%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/x-api/SKILL.mdQuality
Discovery
82%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong description with excellent specificity and trigger term coverage, clearly identifying the X/Twitter domain with concrete actions and technical authentication details. Its main weakness is the absence of an explicit 'Use when...' clause, which would help Claude know precisely when to select this skill. Adding that clause would elevate this from good to excellent.
Suggestions
Add an explicit 'Use when...' clause, e.g., 'Use when the user asks to tweet, check Twitter/X mentions, search tweets, or interact with the Twitter/X API.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: read, post, check mentions, post tweets, search. Also specifies authentication methods (app bearer tokens, OAuth 1.0a), which adds technical specificity. | 3 / 3 |
Completeness | Clearly answers 'what' (read, post, check mentions, search via API with specific auth methods), but lacks an explicit 'Use when...' clause. The when is only implied by the actions listed, which caps this at 2 per the rubric guidelines. | 2 / 3 |
Trigger Term Quality | Includes strong natural trigger terms users would say: 'X', 'Twitter', 'API', 'mentions', 'tweets', 'search', 'post'. Covers both the old and new platform names (X/Twitter), which is excellent for matching user queries. | 3 / 3 |
Distinctiveness Conflict Risk | Very clearly scoped to X/Twitter API interactions. The platform-specific naming (X/Twitter), action types (tweets, mentions), and authentication details (bearer tokens, OAuth 1.0a) make it highly distinctive and unlikely to conflict with other skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a solid, highly actionable skill with executable code for all major X/Twitter API operations. Its main weaknesses are the lack of validation/error-handling checkpoints in workflows (especially for destructive operations like deleting tweets) and the monolithic structure that could benefit from splitting auth patterns and API reference into separate files. The content is mostly concise but has minor redundancies.
Suggestions
Add response validation steps after API calls (e.g., check `r.status_code`, print error bodies on failure) especially for posting and deleting tweets.
Split the common API calls reference into a separate file (e.g., X_API_REFERENCE.md) and keep SKILL.md as a concise overview with 1-2 key examples.
Remove the duplicate mention that OAuth 1.0a tokens don't expire (appears in both the Alternative section and the Rules section).
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is mostly efficient with concrete code examples, but includes some unnecessary explanation (e.g., explaining what bearer tokens are for, the parenthetical about ADR-0119, noting that OAuth 1.0a tokens don't expire twice). The inline bearer token derivation script is lengthy but justified since it's executable. Some tightening possible. | 2 / 3 |
Actionability | Fully executable code examples throughout — bearer token derivation, OAuth1Session setup, and all common API calls are copy-paste ready with real endpoints, user IDs, and parameter structures. Secret leasing commands are concrete and specific. | 3 / 3 |
Workflow Clarity | The auth flow and common operations are clear, and the 'revoke leases after use' step is present. However, there are no explicit validation checkpoints (e.g., checking response status codes, handling auth failures, verifying tweet was posted successfully). For operations like posting/deleting tweets, missing feedback loops cap this at 2. | 2 / 3 |
Progressive Disclosure | Content is well-sectioned with clear headers, but everything is in a single monolithic file. The common API calls section and the authentication section are both quite long and could benefit from being split into referenced files. No external references are provided for advanced topics. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- joelhooks/joelclaw
- Commit
ce9ca8e
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.