acunetix
Acunetix integration. Manage data, records, and automate workflows. Use when the user wants to interact with Acunetix data.
Install with Tessl CLI
npx tessl i github:membranedev/application-skills --skill acunetix61
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
40%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description follows a generic template pattern that fails to communicate what Acunetix actually does (web vulnerability scanning) or what specific capabilities the skill provides. The 'Use when' clause is present but circular and unhelpful. The description would benefit significantly from domain-specific terminology and concrete action verbs.
Suggestions
Replace generic 'manage data, records' with specific Acunetix actions like 'run vulnerability scans, view scan results, manage targets, generate security reports'
Add security-related trigger terms users would naturally say: 'vulnerability scan', 'web security', 'DAST', 'security assessment', 'penetration testing'
Rewrite the 'Use when' clause to include specific scenarios: 'Use when scanning websites for vulnerabilities, reviewing security findings, or managing web application security assessments'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses vague language like 'Manage data, records, and automate workflows' without specifying concrete actions. It doesn't explain what Acunetix is (a web vulnerability scanner) or what specific operations can be performed (e.g., run scans, view vulnerabilities, generate reports). | 1 / 3 |
Completeness | Has a 'Use when' clause but it's circular and uninformative ('Use when the user wants to interact with Acunetix data'). The 'what' is generic ('manage data, records') and the 'when' doesn't provide meaningful trigger guidance beyond the product name. | 2 / 3 |
Trigger Term Quality | Includes 'Acunetix' as a trigger term which users familiar with the tool would use, but lacks natural variations like 'vulnerability scan', 'security scan', 'web security', or 'DAST' that users might say when needing this skill. | 2 / 3 |
Distinctiveness Conflict Risk | The Acunetix product name provides some distinctiveness, but 'manage data, records, and automate workflows' is generic boilerplate that could apply to dozens of integration skills. Could conflict with other security scanning tools or generic data management skills. | 2 / 3 |
Total | 7 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill provides solid, actionable CLI commands for Acunetix integration via Membrane, with good executable examples. However, it includes unnecessary introductory explanation, lacks validation/error handling guidance in workflows, and the entity overview section adds little value without corresponding actions or references.
Suggestions
Remove the introductory paragraph explaining what Acunetix is - Claude already knows this
Either remove the 'Acunetix Overview' entity list or link each item to specific actions/documentation
Add validation steps after key operations (e.g., 'Verify connection succeeded by running membrane connection list')
Include error handling guidance for common failure scenarios (auth failures, invalid connection IDs)
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill includes some unnecessary explanation (e.g., 'Acunetix is a web application security scanner used to identify vulnerabilities...') that Claude already knows. The overview section listing entities without context adds little value. However, the CLI commands and examples are reasonably efficient. | 2 / 3 |
Actionability | Provides fully executable CLI commands throughout with clear syntax examples. Commands are copy-paste ready with proper flags documented, and the proxy request section includes a useful options table. | 3 / 3 |
Workflow Clarity | Steps for setup and connection are listed but lack validation checkpoints. No guidance on verifying successful connection, handling errors, or confirming actions completed successfully. The workflow is sequential but missing feedback loops. | 2 / 3 |
Progressive Disclosure | Content is reasonably organized with clear sections, but everything is inline in one file. The 'Overview' section listing entities (Scans, Targets, Reports, etc.) provides no actionable detail or links to deeper documentation. Could benefit from separating advanced proxy usage or action discovery into referenced files. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.