Name: applescript
Rating: 52 (1 reviews)
Author: martinholovsky

applescript

Expert in AppleScript and JavaScript for Automation (JXA) for macOS system scripting. Specializes in secure script execution, application automation, and system integration. HIGH-RISK skill due to shell command execution and system-wide control capabilities.

Quality

55%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/applescript/SKILL.md

Quality

Content

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a well-structured, security-focused skill with excellent actionability through complete, executable code examples and clear TDD workflows. The main weaknesses are moderate verbosity in introductory sections and a monolithic structure that could benefit from moving detailed security references to linked files. The security patterns and validation checkpoints are particularly strong.

Suggestions

Remove or condense Section 1 'Overview' expertise areas - Claude doesn't need to be told what it's an expert in

Move the detailed OWASP mapping table and CWE vulnerability descriptions to the referenced threat-model.md file

Consider moving the 'Common Mistakes' section to security-examples.md since it duplicates concepts already covered in the implementation patterns

Dimension	Reasoning	Score
Conciseness	The skill contains some unnecessary verbosity, including explanatory sections about what AppleScript is and expertise areas that Claude already knows. However, the code examples are generally efficient and the security patterns are well-documented without excessive padding.	2 / 3
Actionability	Provides fully executable Python and AppleScript code examples that are copy-paste ready. The SecureAppleScriptRunner class, SafeScriptBuilder, and test examples are complete and immediately usable.	3 / 3
Workflow Clarity	Clear TDD workflow with explicit steps (write failing test → implement minimum → refactor and verify). The pre-implementation checklist provides explicit validation checkpoints across three phases, and security checks are clearly sequenced in the execution flow.	3 / 3
Progressive Disclosure	References to external files (security-examples.md, threat-model.md, advanced-patterns.md) are present and one-level deep, but the main document is quite long (~400 lines) with content that could be split out. The OWASP mapping table and detailed vulnerability descriptions could live in the referenced threat-model.md.	2 / 3
	Total	10 / 12 Passed

Description

32%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description establishes domain expertise in macOS scripting technologies but lacks actionable trigger guidance and specific concrete actions. The HIGH-RISK warning is useful context but doesn't help Claude select this skill appropriately. The absence of a 'Use when...' clause significantly weakens its utility for skill selection.

Suggestions

Add an explicit 'Use when...' clause with trigger terms like 'AppleScript', 'automate Mac', 'JXA', 'control applications', 'macOS scripting', or 'run osascript'.

List specific concrete actions such as 'launch/quit applications', 'manipulate Finder', 'send keystrokes', 'read/write system preferences', or 'interact with Safari/Mail'.

Include natural user phrases like 'automate my Mac', 'script an app', or 'make my Mac do X automatically' to improve trigger term coverage.

Dimension	Reasoning	Score
Specificity	Names the domain (AppleScript, JXA, macOS scripting) and mentions some actions (script execution, application automation, system integration), but lacks specific concrete actions like 'launch applications', 'manipulate files', or 'control system preferences'.	2 / 3
Completeness	Describes what the skill does but completely lacks a 'Use when...' clause or any explicit trigger guidance. The rubric states missing 'Use when' should cap completeness at 2, and this description has no when guidance at all.	1 / 3
Trigger Term Quality	Includes relevant technical terms like 'AppleScript', 'JXA', 'macOS', and 'automation', but misses common user phrases like 'automate my Mac', 'run a script', 'control apps', or file extensions like '.scpt'.	2 / 3
Distinctiveness Conflict Risk	The AppleScript/JXA focus provides some distinctiveness for macOS automation, but 'application automation' and 'system integration' are generic enough to potentially overlap with other automation or scripting skills.	2 / 3
	Total	7 / 12 Passed

Validation

75%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 12 / 16 Passed

Validation for skill structure

Criteria	Description	Result
description_trigger_hint	Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...')	Warning
metadata_version	'metadata' field is not a dictionary	Warning
license_field	'license' field is missing	Warning
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	12 / 16 Passed

Repository: martinholovsky/claude-skills-generator
Commit: 1086ef2

Reviewed: 4 months ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.