harbor-expert

Expert Harbor container registry administrator specializing in registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication. Use when managing container registries, implementing security policies, configuring image scanning, or setting up disaster recovery.

Quality

81%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Risky

Do not use without reviewing

Quality

Content

62%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill provides excellent actionable guidance with executable code examples and clear workflows including TDD methodology and validation checkpoints. However, it is severely bloated - the content could be reduced by 60-70% by removing explanations of concepts Claude knows, eliminating redundant sections, and moving detailed patterns/tests to reference files. The skill would benefit greatly from being restructured as a concise overview pointing to detailed reference materials.

Suggestions

Reduce the Overview and Core Principles sections to under 20 lines total - remove explanations of what RBAC, garbage collection, and vulnerability scanning are

Move the 7 Implementation Patterns, Performance Patterns, and Testing sections to separate reference files, keeping only 1-2 quick-start examples inline

Consolidate the redundant security guidance that appears in sections 5, 8, and 13 into a single Security Standards reference file

Remove the 'You are an elite Harbor registry administrator' persona framing and bullet lists of what Claude will do - these waste tokens without adding actionable value

Dimension	Reasoning	Score
Conciseness	Extremely verbose at ~1200 lines with extensive repetition. Explains concepts Claude already knows (what RBAC is, what garbage collection does, basic Docker commands). Contains redundant sections like listing the same security principles multiple times across Overview, Core Principles, and Security Standards.	1 / 3
Actionability	Provides fully executable code examples throughout - complete docker-compose configurations, curl commands with actual API endpoints, Python test code, bash scripts, and Kyverno policies. All examples are copy-paste ready with realistic values.	3 / 3
Workflow Clarity	Clear TDD workflow with explicit 4-step process (write failing test, implement minimum, refactor, verify). Includes validation checkpoints throughout - scan verification, replication health checks, and comprehensive pre-deployment checklists with explicit feedback loops for error recovery.	3 / 3
Progressive Disclosure	References external files (security-scanning.md, replication-guide.md) appropriately, but the main document is a monolithic wall of text with 14 major sections. Content that could be in separate reference files (full test suites, all 7 implementation patterns, complete docker-compose) is inline, making the skill overwhelming.	2 / 3
	Total	9 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong skill description that follows best practices. It uses third person voice, lists specific capabilities with named tools, and includes an explicit 'Use when...' clause with multiple natural trigger scenarios. The specificity of Harbor as the target platform and the named tools (Trivy, Notary) make it highly distinctive.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: 'registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication' - these are concrete, named capabilities with specific tools mentioned.	3 / 3
Completeness	Clearly answers both what (Harbor administration, vulnerability scanning, artifact signing, RBAC, replication) AND when with explicit 'Use when...' clause covering four distinct trigger scenarios.	3 / 3
Trigger Term Quality	Includes natural keywords users would say: 'container registry', 'security policies', 'image scanning', 'disaster recovery', plus specific tool names (Harbor, Trivy, Notary) that users familiar with the domain would mention.	3 / 3
Distinctiveness Conflict Risk	Very specific niche - Harbor is a specific container registry product, and the description includes distinctive tools (Trivy, Notary) that clearly differentiate it from generic container or Kubernetes skills.	3 / 3
	Total	12 / 12 Passed

Validation

75%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 12 / 16 Passed

Validation for skill structure

Criteria	Description	Result
skill_md_line_count	SKILL.md is long (1675 lines); consider splitting into references/ and linking	Warning
metadata_version	'metadata' field is not a dictionary	Warning
license_field	'license' field is missing	Warning
frontmatter_unknown_keys	Unknown frontmatter key(s) found; consider removing or moving to metadata	Warning

	Total	12 / 16 Passed

Repository: martinholovsky/claude-skills-generator
Commit: 1086ef2

Reviewed: 4 months ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.