ark-issues
Search, list, view, and update existing GitHub issues. Primary use case is CVE tracking and security vulnerability issue management. Used by the ark-security-patcher agent. For drafting NEW issues with research and task breakdowns, use the "issue-creation" skill instead.
74
62%
Does it follow best practices?
Impact
94%
1.40xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./.claude/skills/issues/SKILL.mdQuality
Discovery
82%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong description that clearly specifies concrete actions, a well-defined domain (CVE/security vulnerability tracking), and excellent disambiguation from a related skill. The main weakness is the absence of an explicit 'Use when...' clause, which would help Claude more reliably select this skill in ambiguous situations.
Suggestions
Add an explicit 'Use when...' clause, e.g., 'Use when the user asks to search, view, or update existing GitHub issues, especially related to CVEs or security vulnerabilities.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'Search, list, view, and update existing GitHub issues.' Also specifies the primary domain: 'CVE tracking and security vulnerability issue management.' | 3 / 3 |
Completeness | Clearly answers 'what' (search, list, view, update GitHub issues for CVE tracking) and provides some implicit 'when' context (used by ark-security-patcher agent, for existing issues), but lacks an explicit 'Use when...' clause with trigger guidance. The rubric caps completeness at 2 when this is missing. | 2 / 3 |
Trigger Term Quality | Includes strong natural keywords users/agents would use: 'GitHub issues', 'CVE tracking', 'security vulnerability', 'issue management', 'search', 'list', 'view', 'update'. These are terms naturally associated with the task. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with clear boundaries: explicitly scoped to 'existing GitHub issues' and 'CVE tracking/security vulnerability issue management,' and even includes a disambiguation clause directing users to 'issue-creation' skill for new issues. This makes conflict very unlikely. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
42%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill provides highly actionable, executable gh CLI commands for GitHub issue management, which is its primary strength. However, it is severely bloated with repetition (the repo flag appears ~30 times, the security template appears twice, the CVE search workflow is described in three separate sections), explanations of concepts Claude already knows, and lacks any progressive disclosure structure. Cutting this to ~80 lines with a reference file for templates would dramatically improve it.
Suggestions
Extract the repo name into a note at the top (e.g., 'All commands target `mckinsey/agents-at-scale-ark`') and omit `--repo` from most examples, or define it once as a variable.
Remove duplicate content: the security issue template appears twice, the CVE search workflow appears in three sections (Common Workflows, Integration with Security Workflow, Common Patterns), and 'Closes #123' linking is explained in multiple places.
Remove sections Claude already knows: error handling for 'issue not found', explanations of what `Closes #123` does, best practices like 'be specific with titles', and the 'When to use this skill' preamble.
Move the security issue template and batch operation patterns into separate reference files (e.g., TEMPLATES.md, PATTERNS.md) to reduce the main skill's token footprint.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Extremely verbose and repetitive. The same `--repo mckinsey/agents-at-scale-ark` flag is repeated in every single command (~30 times). The 'Integration with Security Workflow' section largely duplicates 'Common Workflows'. The 'When to use this skill' section, best practices like 'be specific' with good/bad title examples, error handling for 'issue not found', and explanations of `Closes #123` syntax are all things Claude already knows. The security issue template appears twice. This could easily be cut by 60%+. | 1 / 3 |
Actionability | All commands are concrete, executable `gh` CLI invocations with real flags and realistic examples. The bash scripts for checking existing issues, JSON parsing with `--jq`, and the heredoc for issue creation are all copy-paste ready. No pseudocode or vague instructions. | 3 / 3 |
Workflow Clarity | Workflows are listed and sequenced (search → check → create/link), but there are no explicit validation checkpoints. The batch operations section at the end creates multiple issues in a loop with no validation or error handling, which should cap this at 2. The 'check for existing CVE issues' workflow is clear but lacks a feedback loop for edge cases like partial matches. | 2 / 3 |
Progressive Disclosure | This is a monolithic wall of text at ~200 lines with no references to external files. Content like the security issue template, batch operations patterns, and the full error handling section could be split into separate reference files. There's significant duplication (security workflow described in multiple sections) that better organization would eliminate. | 1 / 3 |
Total | 7 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- mckinsey/agents-at-scale-ark
- Commit
6b7c761
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.