Expert Harbor container registry administrator specializing in registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication. Use when managing container registries, implementing security policies, configuring image scanning, or setting up disaster recovery.
80
81%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Risky
Do not use without reviewing
Quality
Discovery
100%
Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that follows best practices. It uses third person voice, lists specific capabilities with named tools, and includes an explicit 'Use when...' clause with multiple natural trigger scenarios. The specificity of Harbor as the target platform and the named tools (Trivy, Notary) make it highly distinctive.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Lists multiple specific concrete actions: 'registry operations, vulnerability scanning with Trivy, artifact signing with Notary, RBAC, and multi-region replication' - these are concrete, named capabilities with specific tools mentioned. | 3 / 3 |
| Completeness | Clearly answers both what (Harbor administration, vulnerability scanning, artifact signing, RBAC, replication) AND when with explicit 'Use when...' clause covering four distinct trigger scenarios. | 3 / 3 |
| Trigger Term Quality | Includes natural keywords users would say: 'container registry', 'security policies', 'image scanning', 'disaster recovery', plus specific tool names (Harbor, Trivy, Notary) that users familiar with the domain would mention. | 3 / 3 |
| Distinctiveness Conflict Risk | Very specific niche - Harbor is a specific container registry product, and the description includes distinctive tools (Trivy, Notary) that clearly differentiate it from generic container or Kubernetes skills. | 3 / 3 |
| Total | 12 / 12 Passed | |
Implementation
62%
Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides excellent actionable guidance with executable code examples and clear workflows including TDD methodology and validation checkpoints. However, it is severely bloated - the content could be reduced by 60-70% by removing explanations of concepts Claude knows, eliminating redundant sections, and moving detailed patterns/tests to reference files. The skill would benefit greatly from being restructured as a concise overview pointing to detailed reference materials.
Suggestions
Reduce the Overview and Core Principles sections to under 20 lines total - remove explanations of what RBAC, garbage collection, and vulnerability scanning are
Move the 7 Implementation Patterns, Performance Patterns, and Testing sections to separate reference files, keeping only 1-2 quick-start examples inline
Consolidate the redundant security guidance that appears in sections 5, 8, and 13 into a single Security Standards reference file
Remove the 'You are an elite Harbor registry administrator' persona framing and bullet lists of what Claude will do - these waste tokens without adding actionable value
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | Extremely verbose at ~1200 lines with extensive repetition. Explains concepts Claude already knows (what RBAC is, what garbage collection does, basic Docker commands). Contains redundant sections like listing the same security principles multiple times across Overview, Core Principles, and Security Standards. | 1 / 3 |
| Actionability | Provides fully executable code examples throughout - complete docker-compose configurations, curl commands with actual API endpoints, Python test code, bash scripts, and Kyverno policies. All examples are copy-paste ready with realistic values. | 3 / 3 |
| Workflow Clarity | Clear TDD workflow with explicit 4-step process (write failing test, implement minimum, refactor, verify). Includes validation checkpoints throughout - scan verification, replication health checks, and comprehensive pre-deployment checklists with explicit feedback loops for error recovery. | 3 / 3 |
| Progressive Disclosure | References external files (security-scanning.md, replication-guide.md) appropriately, but the main document is a monolithic wall of text with 14 major sections. Content that could be in separate reference files (full test suites, all 7 implementation patterns, complete docker-compose) is inline, making the skill overwhelming. | 2 / 3 |
| Total | 9 / 12 Passed | |
Validation
75%
Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 12 / 16 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
| skill_md_line_count | SKILL.md is long (1675 lines); consider splitting into references/ and linking | Warning |
| metadata_version | 'metadata' field is not a dictionary | Warning |
| license_field | 'license' field is missing | Warning |
| frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
| Total | 12 / 16 Passed | |
1086ef2