CtrlK
BlogDocsLog inGet started
Tessl Logo

analyzing-network-packets-with-scapy

Craft, send, sniff, and dissect network packets using Scapy for protocol analysis, network reconnaissance, and traffic anomaly detection in authorized security testing

57

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is concise and well-sequenced with a genuine supporting reference and script, but it provides no executable code inline, lacks validation/feedback loops in the workflow, and fails to explicitly link to the bundled reference files. Adding inline code snippets, a validation step, and explicit reference links would strengthen it.

Suggestions

Add a short inline executable code snippet (e.g., a rdpcap/sniff example) so the body is actionable without forcing a file hop.

Insert an explicit validation/feedback step in the workflow (e.g., 'Verify the pcap loaded and re-run detection with a lower threshold if no anomalies are found').

Signal the bundled material with markdown links, e.g., 'See [api-reference.md](references/api-reference.md) for full Scapy API details' and 'See [agent.py](scripts/agent.py) for the analysis CLI'.

DimensionReasoningScore

Conciseness

The body is lean (~35 lines), gives a single concise definition and terse step bullets, and assumes Claude's competence without padding concepts Claude already knows, matching the lean-and-efficient score-3 anchor.

3 / 3

Actionability

Steps name specific functions like 'rdpcap()' and layer names, but the body contains no executable code or commands (all live in references and scripts), fitting the score-2 anchor of incomplete concrete guidance with missing details.

2 / 3

Workflow Clarity

A clear 7-step sequence exists, but there are no validation checkpoints or feedback loops for batch packet/anomaly operations, so per the guideline workflow clarity is capped at 2.

2 / 3

Progressive Disclosure

A real one-level-deep reference (references/api-reference.md) and script (scripts/agent.py) exist, but the body never signals or links to them with markdown links, matching the score-2 anchor of references present but not clearly signaled.

2 / 3

Total

9

/

12

Passed

Description

67%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is specific and distinct, naming concrete Scapy actions and a clear niche, but lacks an explicit 'Use when...' trigger clause and omits common layperson terms like 'pcap' and 'packet capture'. Adding explicit trigger guidance and a few natural keyword variations would raise completeness and trigger-term quality.

Suggestions

Add an explicit 'Use when...' trigger clause (e.g., 'Use when analyzing pcap captures, sniffing traffic, or investigating packet-level network anomalies with Scapy').

Include common natural terms users say, such as 'pcap', 'packet capture', and 'capture files', alongside the current technical vocabulary.

Keep the concrete action list but ensure the 'when' guidance is stated as an explicit trigger rather than only implied by the 'for ...' use-case phrase.

DimensionReasoningScore

Specificity

Names multiple concrete actions ('craft, send, sniff, and dissect network packets') plus specific use cases (protocol analysis, reconnaissance, anomaly detection), matching the multi-action score-3 anchor rather than the less-comprehensive score-2 anchor.

3 / 3

Completeness

Clearly states what the skill does, but 'when' is only implied through use-case context with no explicit 'Use when...' clause, so per the guideline completeness is capped at 2.

2 / 3

Trigger Term Quality

Contains natural terms a user would say (Scapy, network packets, sniff, dissect), but misses common variations like 'pcap', 'packet capture', or 'Wireshark', fitting the score-2 anchor of relevant keywords with missing common variations.

2 / 3

Distinctiveness Conflict Risk

Scoped specifically to Scapy-based packet analysis with distinct triggers, making it unlikely to conflict with other skills, matching the clear-niche score-3 anchor.

3 / 3

Total

10

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
mukul975/Anthropic-Cybersecurity-Skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.