aikido-security
Aikido Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Aikido Security data.
39
37%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/aikido-security/SKILL.mdQuality
Discovery
40%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description names the integration (Aikido Security) but fails to describe any specific capabilities or security-related actions. The 'what' portion is boilerplate language that could apply to virtually any integration, and the 'when' clause is circular rather than providing meaningful trigger guidance. It would benefit greatly from listing concrete security-related actions and domain-specific trigger terms.
Suggestions
Replace the generic 'manage data, records, and automate workflows' with specific Aikido Security actions such as 'scan repositories for vulnerabilities, review security findings, manage issue remediation, track compliance status'.
Expand the 'Use when...' clause with natural trigger terms like 'vulnerability scanning', 'security issues', 'code vulnerabilities', 'Aikido', 'application security', or 'security findings'.
Add domain-specific keywords that users would naturally use when requesting security-related tasks to improve trigger term coverage and distinctiveness.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description uses vague language like 'manage data, records, and automate workflows' without specifying any concrete actions. It doesn't describe what kind of data, what records, or what workflows are involved with Aikido Security. | 1 / 3 |
Completeness | It has a 'Use when...' clause ('Use when the user wants to interact with Aikido Security data'), but the 'what' portion is extremely generic ('manage data, records, and automate workflows') and the 'when' clause is essentially a tautology that doesn't add meaningful trigger guidance. | 2 / 3 |
Trigger Term Quality | It includes 'Aikido Security' as a key trigger term which is specific to the product, but lacks natural keywords users might say such as 'vulnerabilities', 'security scanning', 'code security', 'SAST', 'DAST', or other security-related terms that would help match user intent. | 2 / 3 |
Distinctiveness Conflict Risk | The mention of 'Aikido Security' provides some distinctiveness as a named product, but 'manage data, records, and automate workflows' is so generic it could overlap with dozens of other integration skills. Only the product name prevents a score of 1. | 2 / 3 |
Total | 7 / 12 Passed |
Implementation
35%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is largely a generic Membrane CLI tutorial with an Aikido Security label. It explains what Aikido Security is (unnecessary for Claude), walks through generic connection and action patterns, but provides zero Aikido-specific examples, action IDs, or workflows. The 'Popular actions' section is empty, and the entity overview (Finding, Repository, User) is unexpanded, making the skill far less useful than it could be for its stated purpose.
Suggestions
Remove the introductory paragraph explaining what Aikido Security is and its market positioning — Claude doesn't need this context.
Add concrete Aikido-specific action examples (e.g., listing findings, getting repository details) with actual action names, input parameters, and expected output snippets.
Populate the 'Popular actions' section with real Aikido Security actions rather than just a discovery command.
Extract the generic Membrane CLI setup/authentication content into a shared reference file, keeping only Aikido-specific guidance in this SKILL.md.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The opening paragraph explains what Aikido Security is, its target market, and value proposition — all information Claude doesn't need. The Membrane CLI setup, authentication flows, and connection state machine are generic boilerplate not specific to Aikido Security. Much of this content is a generic Membrane tutorial rather than Aikido-specific guidance. | 1 / 3 |
Actionability | The skill provides concrete CLI commands for authentication, connection setup, action discovery, and proxy requests, which are copy-paste ready. However, there are no Aikido-specific action examples (e.g., listing findings, getting repositories), and the 'Popular actions' section is empty — it just tells you to discover them yourself, which undermines actionability for the stated purpose. | 2 / 3 |
Workflow Clarity | The connection setup workflow is well-sequenced with state handling (READY, BUILDING, CLIENT_ACTION_REQUIRED, errors), but there are no validation checkpoints for the actual Aikido Security workflows (managing findings, records, etc.). The skill covers setup but not the actual task workflows implied by the description. | 2 / 3 |
Progressive Disclosure | The content is structured with clear headers and sections, and references official docs. However, with no bundle files, all content is inline in a single file. The 'Popular actions' section is essentially empty, and the overview section listing Finding/Repository/User entities provides no links or further detail, making navigation incomplete. | 2 / 3 |
Total | 7 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 10 / 11 Passed | |
- Repository
- membranedev/application-skills
- Commit
f484c82
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.