setup-auth
Sets up authentication (login/logout via Microsoft Entra ID) and role-based authorization for a Power Pages code site. Configures identity providers, protected routes, and access control. Use when the user wants to add login, configure Entra ID, enable authentication, or add role-based access to their site.
76
73%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./plugins/power-pages/skills/setup-auth/SKILL.mdQuality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly communicates specific capabilities (authentication, authorization, identity provider configuration), targets a well-defined platform (Power Pages with Entra ID), and includes an explicit 'Use when...' clause with natural trigger terms. It is concise, uses third-person voice throughout, and would be easily distinguishable from other skills in a large collection.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'Sets up authentication (login/logout via Microsoft Entra ID)', 'role-based authorization', 'Configures identity providers, protected routes, and access control'. These are concrete, actionable capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (sets up authentication, configures identity providers, protected routes, access control) and 'when' with an explicit 'Use when...' clause listing trigger scenarios: 'add login, configure Entra ID, enable authentication, or add role-based access'. | 3 / 3 |
Trigger Term Quality | Includes strong natural keywords users would say: 'login', 'logout', 'Microsoft Entra ID', 'authentication', 'role-based access', 'identity providers', 'protected routes', 'Power Pages'. Good coverage of terms a user would naturally use when requesting this functionality. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche: authentication and authorization specifically for Power Pages code sites using Microsoft Entra ID. The combination of platform (Power Pages), technology (Entra ID), and function (auth/RBAC) makes it very unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
47%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a comprehensive, well-structured workflow with excellent sequencing and validation checkpoints, but it suffers significantly from verbosity and repetition. The framework-specific variations are repeated across phases 3-6 adding substantial token cost, and phase output summaries restate what was already described. The actionability is moderate—function signatures and file paths are specific, but actual implementation code is largely deferred to external references that weren't provided.
Suggestions
Reduce token cost by consolidating framework-specific patterns into a single reference table or the existing framework-conventions.md, rather than repeating React/Vue/Angular/Astro variations in every phase.
Remove the 'Output' sections at the end of each phase—they restate what was just described and add ~50 lines of redundant content.
Remove the 'Key Decision Points' section at the end, as every decision point is already clearly documented inline within its respective phase.
Add more executable code for the auth service implementation (especially fetchAntiForgeryToken and login flow) rather than describing function behavior in prose—or confirm the referenced authentication-reference.md contains this.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is extremely verbose at ~400+ lines with significant repetition. Phase outputs restate what was just described, the 'Key Decision Points' section duplicates information already covered in each phase, and many instructions describe things Claude can infer (e.g., how to search for files, what a nav component is). The detailed tables for AskUserQuestion options and the repeated framework-specific listings add substantial token cost. | 1 / 3 |
Actionability | The skill provides concrete file paths, specific function signatures, and some code examples (React/Vue/Angular patterns, bash commands), but most of the core implementation is described rather than provided as executable code. The auth service functions are listed by name but not fully implemented—Claude must generate the actual implementation from descriptions. The references to external files (authentication-reference.md, authorization-reference.md) likely contain the real implementation details but aren't provided. | 2 / 3 |
Workflow Clarity | The 8-phase workflow is clearly sequenced with explicit validation checkpoints (Phase 7 includes file verification, build verification, and UI rendering verification via Playwright). Decision points are well-defined with specific options and branching logic. Error recovery is addressed (build failures trigger fixes before proceeding, deployment prerequisites gate progress). | 3 / 3 |
Progressive Disclosure | The skill references external files (framework-conventions.md, authentication-reference.md, authorization-reference.md, skill-tracking-reference.md) which is good progressive disclosure, but the SKILL.md itself is monolithic—it contains extensive inline detail that could be split into phase-specific reference files. The framework-specific variations for React/Vue/Angular/Astro are repeated across multiple phases and would benefit from being in the referenced framework-conventions.md rather than inline. | 2 / 3 |
Total | 8 / 12 Passed |
Validation
72%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 8 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
skill_md_line_count | SKILL.md is long (580 lines); consider splitting into references/ and linking | Warning |
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 8 / 11 Passed | |
- Repository
- microsoft/power-platform-skills
- Commit
48e49c4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.