acunetix
Acunetix integration. Manage data, records, and automate workflows. Use when the user wants to interact with Acunetix data.
73
67%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/acunetix/SKILL.mdQuality
Discovery
57%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
The description relies heavily on the brand name 'Acunetix' for identification but fails to describe what Acunetix actually does or what specific capabilities the skill provides. The generic phrases 'manage data, records, and automate workflows' are boilerplate that could apply to any integration. It does have a proper 'Use when' clause, which is a structural positive, but the content within it is too vague to be truly useful for skill selection.
Suggestions
Replace generic phrases with Acunetix-specific actions such as 'run vulnerability scans, retrieve scan results, manage scan targets, configure scan profiles'.
Add domain-specific trigger terms users would naturally say, such as 'vulnerability scan', 'web security scan', 'DAST', 'scan targets', 'security assessment'.
Expand the 'Use when' clause with specific triggers like 'Use when the user mentions vulnerability scanning, web application security testing, Acunetix scans, or security assessments'.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses vague language like 'manage data, records, and automate workflows' without listing any concrete actions specific to Acunetix. These phrases could apply to virtually any integration tool. | 1 / 3 |
Completeness | It does answer both 'what' (manage data, records, automate workflows) and 'when' (when the user wants to interact with Acunetix data) with an explicit 'Use when' clause, even though both parts are vague. | 3 / 3 |
Trigger Term Quality | It includes 'Acunetix' as a key trigger term which is specific and useful, but lacks natural terms users might say like 'vulnerability scan', 'web security', 'scan results', 'targets', or 'DAST'. | 2 / 3 |
Distinctiveness Conflict Risk | The mention of 'Acunetix' provides some distinctiveness, but 'manage data, records, and automate workflows' is so generic it could overlap with any other integration skill. Without domain-specific terms like 'vulnerability scanning' or 'web application security', it's not clearly distinguishable. | 2 / 3 |
Total | 8 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a solid integration skill with excellent actionability and workflow clarity — every step has concrete, executable CLI commands and state handling is well-documented with feedback loops. The main weaknesses are unnecessary introductory content (explaining what Acunetix is), a hollow 'Popular actions' section, and some redundancy that could be trimmed for better token efficiency.
Suggestions
Remove the opening paragraph explaining what Acunetix is and the bare entity overview list — Claude already knows what Acunetix is, and the entity list without actionable context wastes tokens.
Either populate the 'Popular actions' section with actual common action examples (e.g., 'List targets', 'Start a scan') or remove it entirely since it just repeats the discovery command.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The opening paragraph explains what Acunetix is, which is unnecessary context for Claude. The overview section listing entities (Scans, Targets, Reports, etc.) adds no actionable value. However, the CLI commands and workflow sections are reasonably efficient. | 2 / 3 |
Actionability | The skill provides fully executable CLI commands for every step: installation, authentication, connection management, action discovery, action creation, and action execution. Commands include flags like --json and --wait with clear explanations of their effects. | 3 / 3 |
Workflow Clarity | The multi-step workflow is clearly sequenced: install CLI → authenticate → ensure connection → handle connection states → search for actions → create if needed → run actions. Each state (READY, BUILDING, CLIENT_ACTION_REQUIRED, etc.) has explicit handling instructions with polling/retry loops for async operations. | 3 / 3 |
Progressive Disclosure | The content is reasonably structured with clear sections, but it's somewhat monolithic — all content is inline in a single file. The 'Popular actions' section is essentially empty (just repeats the discovery command). The overview section with bullet points of entities doesn't link to anything useful. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- membranedev/application-skills
- Commit
88db8c5
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.