applescript
Expert in AppleScript and JavaScript for Automation (JXA) for macOS system scripting. Specializes in secure script execution, application automation, and system integration. HIGH-RISK skill due to shell command execution and system-wide control capabilities.
65
55%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/applescript/SKILL.mdQuality
Discovery
32%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description establishes domain expertise in macOS scripting technologies but lacks actionable trigger guidance and specific concrete actions. The HIGH-RISK warning is useful context but doesn't help Claude select this skill appropriately. The absence of a 'Use when...' clause significantly weakens its utility for skill selection.
Suggestions
Add an explicit 'Use when...' clause with trigger terms like 'AppleScript', 'automate Mac', 'JXA', 'control applications', 'macOS scripting', or 'run osascript'.
List specific concrete actions such as 'launch/quit applications', 'manipulate Finder', 'send keystrokes', 'read/write system preferences', or 'interact with Safari/Mail'.
Include natural user phrases like 'automate my Mac', 'script an app', or 'make my Mac do X automatically' to improve trigger term coverage.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (AppleScript, JXA, macOS scripting) and mentions some actions (script execution, application automation, system integration), but lacks specific concrete actions like 'launch applications', 'manipulate files', or 'control system preferences'. | 2 / 3 |
Completeness | Describes what the skill does but completely lacks a 'Use when...' clause or any explicit trigger guidance. The rubric states missing 'Use when' should cap completeness at 2, and this description has no when guidance at all. | 1 / 3 |
Trigger Term Quality | Includes relevant technical terms like 'AppleScript', 'JXA', 'macOS', and 'automation', but misses common user phrases like 'automate my Mac', 'run a script', 'control apps', or file extensions like '.scpt'. | 2 / 3 |
Distinctiveness Conflict Risk | The AppleScript/JXA focus provides some distinctiveness for macOS automation, but 'application automation' and 'system integration' are generic enough to potentially overlap with other automation or scripting skills. | 2 / 3 |
Total | 7 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured, security-focused skill with excellent actionability through complete, executable code examples and clear TDD workflows. The main weaknesses are moderate verbosity in introductory sections and a monolithic structure that could benefit from moving detailed security references to linked files. The security patterns and validation checkpoints are particularly strong.
Suggestions
Remove or condense Section 1 'Overview' expertise areas - Claude doesn't need to be told what it's an expert in
Move the detailed OWASP mapping table and CWE vulnerability descriptions to the referenced threat-model.md file
Consider moving the 'Common Mistakes' section to security-examples.md since it duplicates concepts already covered in the implementation patterns
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill contains some unnecessary verbosity, including explanatory sections about what AppleScript is and expertise areas that Claude already knows. However, the code examples are generally efficient and the security patterns are well-documented without excessive padding. | 2 / 3 |
Actionability | Provides fully executable Python and AppleScript code examples that are copy-paste ready. The SecureAppleScriptRunner class, SafeScriptBuilder, and test examples are complete and immediately usable. | 3 / 3 |
Workflow Clarity | Clear TDD workflow with explicit steps (write failing test → implement minimum → refactor and verify). The pre-implementation checklist provides explicit validation checkpoints across three phases, and security checks are clearly sequenced in the execution flow. | 3 / 3 |
Progressive Disclosure | References to external files (security-examples.md, threat-model.md, advanced-patterns.md) are present and one-level deep, but the main document is quite long (~400 lines) with content that could be split out. The OWASP mapping table and detailed vulnerability descriptions could live in the referenced threat-model.md. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
75%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 12 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
description_trigger_hint | Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...') | Warning |
metadata_version | 'metadata' field is not a dictionary | Warning |
license_field | 'license' field is missing | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 12 / 16 Passed | |
- Repository
- martinholovsky/claude-skills-generator
- Commit
1086ef2
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.