simplify-and-harden-ci

CI-only Simplify & Harden workflow for pull requests using gh-aw (GitHub Agentic Workflows). Runs headless scan-and-report checks for simplify/harden/document, posts structured findings, and can block merges on critical or advisory classes. Use when: you want automated quality/security review in CI without interactive approvals.

59

Quality: 67% (Does it follow best practices?)

Impact: No eval scenarios have been run

Security by Snyk: Advisory (Suggest reviewing before use)

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/simplify-and-harden-ci/SKILL.md

Quality

Discovery

85%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong description that clearly communicates specific capabilities and includes an explicit 'Use when' clause. Its main weakness is reliance on specialized terminology (gh-aw, advisory classes, headless) that users may not naturally use when seeking this functionality. The description is concise, uses third person voice correctly, and carves out a distinct niche.

Suggestions

Add more natural trigger terms users might say, such as 'PR checks', 'automated code review', 'GitHub Actions pipeline', or 'merge gate' to improve discoverability.

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Specificity | Lists multiple specific concrete actions: 'runs headless scan-and-report checks for simplify/harden/document', 'posts structured findings', 'can block merges on critical or advisory classes'. These are concrete, actionable capabilities. | 3 / 3 |
| Completeness | Clearly answers both what ('runs headless scan-and-report checks, posts structured findings, can block merges') and when ('Use when: you want automated quality/security review in CI without interactive approvals'). The explicit 'Use when' clause is present and specific. | 3 / 3 |
| Trigger Term Quality | Includes some relevant terms like 'CI', 'pull requests', 'quality/security review', 'block merges', but relies on specialized jargon like 'gh-aw', 'headless scan-and-report', and 'advisory classes' that users may not naturally use. Missing common variations like 'PR checks', 'automated code review', 'GitHub Actions'. | 2 / 3 |
| Distinctiveness Conflict Risk | Highly distinctive with a clear niche: CI-only workflow for pull requests using a specific tool (gh-aw), focused on simplify/harden/document checks. The combination of CI context, headless operation, and the specific tool name makes it unlikely to conflict with other skills. | 3 / 3 |
| Total | | 11 / 12 |

Passed

Implementation

50%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill provides a reasonable framework for CI-based code review with clear installation steps and a usable prompt template, but falls short on concrete details: the output YAML schema is described but never shown, the gate policy configuration is vague, and the key workflow example file is referenced but not provided. The skill would benefit from tightening redundant sections and adding concrete examples of expected outputs and configuration.

Suggestions

Add a concrete example of the expected `simplify_and_harden` YAML output schema so Claude knows exactly what structure to emit

Specify how gate policy (critical vs advisory blocking) is configured — show the actual configuration mechanism (env var, workflow input, etc.)

Either provide the `references/workflow-example.md` bundle file or inline a minimal but complete gh-aw workflow definition

Remove or condense the 'Context Limitation' section — Claude understands CI context limitations; a single-line note suffices

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Conciseness | The skill is mostly efficient but includes some unnecessary explanation (e.g., the 'Context Limitation' section explains concepts Claude already understands about CI vs local context). The 'CI Contract' section restates what the prompt template already covers. Some tightening is possible. | 2 / 3 |
| Actionability | The skill provides concrete CLI commands for installation, compilation, and running workflows, and includes a usable prompt template. However, the workflow example is deferred to a reference file that isn't provided in the bundle, the YAML output schema is described but never shown concretely, and the gate policy configuration is vague ('when advisory findings are configured to block' — configured where/how?). | 2 / 3 |
| Workflow Clarity | The authoring workflow has a clear 4-step sequence with compile/validate, but lacks explicit validation checkpoints for the CI execution itself. There's no feedback loop for what to do when the check fails (beyond 'escalate ambiguous findings to interactive review'), and the gate policy enforcement mechanism is not clearly specified. | 2 / 3 |
| Progressive Disclosure | The skill references `references/workflow-example.md` for the template, which is good progressive disclosure in principle, but no bundle files are provided so the reference is unverifiable. The content is reasonably structured with clear sections, but the YAML output schema and gate policy configuration details should either be inline or clearly referenced to a specific file. | 2 / 3 |
| Total | | 8 / 12 |

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation: 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository
pskoett/pskoett-ai-skills
Reviewed
