CtrlK
BlogDocsLog inGet started
Tessl Logo

plugin-installer

Install validated Codex plugins from trusted sources with quarantine validation, provenance, and rollback. Use when distribution and installation are the primary goals.

62

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A well-organized, token-efficient instruction skill with concrete boundaries and a validation loop, but its primary weakness is that the main workflow and most referenced materials are delegated to files that do not exist in the bundle, and the provided scripts are not surfaced.

Suggestions

Add references/workflow.md (and the other referenced references/ files) or inline the staged install protocol so the core workflow is actually executable from the skill.

Reference the existing scripts/install-plugin-from-github.py and scripts/github_utils.py from the body so provided tooling is discoverable and aligned with the install flow.

Expand the Workflow section with an explicit sequenced checklist (fetch pinned ref -> quarantine -> validate -> install -> record provenance/rollback) rather than only pointing to an external file.

DimensionReasoningScore

Conciseness

The body is lean and bullet-driven with no padding or explanation of concepts Claude already knows; every section (Inputs, Outputs, Constraints, Gotchas) earns its place and assumes competence.

3 / 3

Actionability

Some concrete guidance exists (executable validation command, explicit network allowlist, concrete Inputs/Outputs), but the core install workflow delegates to 'references/workflow.md' which is not present, leaving key executable detail incomplete.

2 / 3

Workflow Clarity

A validation checkpoint and fail-fast feedback loop are stated ('Fail fast: stop at first failed gate'), but the staged install sequence itself is not shown in the body — it is delegated to a missing reference — so the multi-step sequence is implicit rather than explicit.

2 / 3

Progressive Disclosure

The 'Read when' navigation signals one-level-deep references clearly, but the actual bundle does not match: the references/ directory is absent (all four referenced files missing) while the existing scripts/ files are never referenced, so the disclosure promise is broken.

2 / 3

Total

9

/

12

Passed

Description

85%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A strong, concise description that states concrete capabilities and an explicit use-when trigger, with a clear niche. Its main weakness is trigger-term breadth — the activation phrasing is somewhat formal and omits common user-worded variations.

DimensionReasoningScore

Specificity

Lists multiple concrete capabilities — 'Install validated Codex plugins', 'quarantine validation, provenance, and rollback' — matching the anchor that names several specific actions rather than vague language.

3 / 3

Completeness

Explicitly answers both what ('Install validated Codex plugins from trusted sources with quarantine validation, provenance, and rollback') and when ('Use when distribution and installation are the primary goals'), satisfying the explicit-trigger requirement.

3 / 3

Trigger Term Quality

The trigger 'Use when distribution and installation are the primary goals' includes relevant keywords but is formal and narrow, missing common natural variations a user would say like 'install/add a plugin' or 'plugin setup'.

2 / 3

Distinctiveness Conflict Risk

The install/quarantine/provenance/rollback niche is clearly distinct from sibling creation and hardening skills, and the 'installation are the primary goals' phrasing is designed to disambiguate from build-oriented skills.

3 / 3

Total

11

/

12

Passed

Validation

81%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation13 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

metadata_version

'metadata.version' is missing

Warning

relative_links

Relative link issues: 1 missing, 1 suspicious

Warning

referenced_paths_exist

Referenced path issues: 6 missing

Warning

Total

13

/

16

Passed

Repository
jscraik/Agent-Skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.