CtrlK
BlogDocsLog inGet started
Tessl Logo

analyzing-supply-chain-malware-artifacts

Investigate supply chain attack artifacts including trojanized software updates, compromised build pipelines, and sideloaded dependencies to identify intrusion vectors and scope of compromise.

62

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

Strongly actionable with executable code, but the body has a padded Overview with a dated statistic, an incomplete multi-step workflow lacking validation checkpoints, and orphaned bundle files the overview never points to.

Suggestions

Trim the Overview's general-knowledge narrative and remove the unsourced '30%/100%' statistic, or move dated figures to a clearly labeled section.

Complete the workflow (Steps 2–n) and embed explicit validation checkpoints/feedback loops between steps.

Link the existing bundle files from the body — e.g. point to references/api-reference.md, scripts/agent.py, and assets/template.md — instead of leaving them orphaned.

DimensionReasoningScore

Conciseness

The actionable core is lean, but the Overview explains context Claude largely knows (SolarWinds/3CX background) and includes a dated, unsourced statistic ('As of 2025... 30%... 100% increase') the rubric penalizes.

2 / 3

Actionability

Provides a complete, executable compare_pe_files script with a __main__ CLI entry point plus concrete prerequisites (pefile, ssdeep, sigcheck, codesign) — copy-paste ready.

3 / 3

Workflow Clarity

Only 'Step 1' is present with no subsequent steps, and the Validation Criteria list is not embedded as explicit checkpoints or feedback loops in the procedure.

2 / 3

Progressive Disclosure

Bundle files (references/, scripts/agent.py, assets/template.md) exist but are not linked or signaled from the body, and the inline 80-line script could live in scripts/ — structure is present but navigation is missing.

2 / 3

Total

9

/

12

Passed

Description

82%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A specific, well-targeted description with concrete actions and natural trigger terms, but it omits an explicit 'when to use' clause, capping completeness at 2.

Suggestions

Append an explicit trigger clause, e.g. 'Use when investigating suspected supply chain compromises, trojanized updates, or poisoned package repositories.'

Add common user phrasings like 'supply chain attack', 'poisoned package', or 'dependency confusion' to strengthen trigger term coverage.

DimensionReasoningScore

Specificity

Lists multiple concrete actions across named vectors — 'trojanized software updates, compromised build pipelines, and sideloaded dependencies' and 'identify intrusion vectors and scope of compromise' — rather than vague single-domain phrasing.

3 / 3

Completeness

Clearly states what it does but lacks an explicit 'Use when...' clause or equivalent trigger guidance, which the rubric caps at 2.

2 / 3

Trigger Term Quality

Uses concrete, analyst-natural terms ('supply chain attack', 'trojanized software updates', 'sideloaded dependencies', 'intrusion vectors') a user would say when needing this skill.

3 / 3

Distinctiveness Conflict Risk

The supply-chain-compromise niche with distinct trojanized-update/build-pipeline triggers is clearly distinguishable and unlikely to fire for unrelated skills.

3 / 3

Total

11

/

12

Passed

Validation

93%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation15 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

15

/

16

Passed

Repository
mukul975/Anthropic-Cybersecurity-Skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.