CtrlK
BlogDocsLog inGet started
Tessl Logo

analyzing-browser-forensics-with-hindsight

Analyze Chromium-based browser artifacts using Hindsight to extract browsing history, downloads, cookies, cached content, autofill data, saved passwords, and browser extensions from Chrome, Edge, Brave, and Opera for forensic investigation.

62

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Critical

Do not install without reviewing

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

Highly actionable content with executable commands and code, but it underuses its own bundle: the inline script duplicates an existing file, references are not linked, and the workflow lacks validation checkpoints. Tightening these would lift conciseness and progressive disclosure.

Suggestions

Replace the inline Python script with a pointer to scripts/process.py (and scripts/agent.py) and link references/api-reference.md for the full SQL schemas, keeping only a minimal quick-start snippet inline.

Add explicit validation checkpoints to the workflow — e.g. verify the History database opened read-only, confirm record counts, and handle a missing/encrypted profile before analysis — to support error recovery.

Link the existing assets/template.md report template and references/workflows.md so the overview navigates to the deeper material rather than reproducing it inline.

DimensionReasoningScore

Conciseness

The body is mostly efficient but the full Python analysis script is duplicated inline (the same logic exists in scripts/process.py), and the verbose Example Output block adds length that could be trimmed or offloaded to a reference.

2 / 3

Actionability

Provides copy-paste-ready Hindsight CLI commands, real SQL schemas, and a complete executable Python script, satisfying the highest anchor for concrete executable guidance.

3 / 3

Workflow Clarity

Steps exist (locate profile, run Hindsight, analyze artifacts) but there are no explicit validation checkpoints or error-recovery feedback loops, and the rubric notes batch/forensic operations benefit from them — capping this at 2.

2 / 3

Progressive Disclosure

Bundle files exist (references/, scripts/, assets/template.md) but the body never links to them; the inline script duplicates scripts/process.py and References only lists external URLs, so the overview does not point clearly to the provided reference material.

2 / 3

Total

9

/

12

Passed

Description

82%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A specific, trigger-rich description tied to a clear forensic niche, weakened only by the absence of an explicit 'Use when...' trigger clause. Adding that clause would raise completeness to the top level.

Suggestions

Append an explicit 'Use when...' clause, e.g. 'Use when investigating browser activity in Chromium-based browsers (Chrome, Edge, Brave, Opera) or when the user mentions browsing history, cookies, or downloads in a forensic context.'

Confirm the description uses third person throughout (it currently does) and avoid any second-person phrasing to preserve the specificity score.

DimensionReasoningScore

Specificity

Lists multiple concrete actions such as 'extract browsing history, downloads, cookies, cached content, autofill data, saved passwords, and browser extensions', matching the highest anchor.

3 / 3

Completeness

It clearly states what the skill does but lacks an explicit 'Use when...' clause or equivalent trigger guidance, so per the rubric guideline completeness is capped at 2.

2 / 3

Trigger Term Quality

Includes natural terms a user would say — 'browsing history', 'cookies', 'downloads', 'browser extensions', 'Chrome, Edge, Brave, and Opera' — with strong coverage of common variations.

3 / 3

Distinctiveness Conflict Risk

The Hindsight/Chromium-forensics niche is distinct and unlikely to trigger for the wrong skill, with named browsers and artifact types that disambiguate it.

3 / 3

Total

11

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
mukul975/Anthropic-Cybersecurity-Skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.