agent-authentication
Agent skill for authentication - invoke with $agent-authentication
46
17%
Does it follow best practices?
Impact
96%
2.23xAverage score across 3 eval scenarios
Risky
Do not use without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./.agents/skills/agent-authentication/SKILL.mdQuality
Discovery
0%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is critically underdeveloped. It functions more as an invocation instruction ('invoke with $agent-authentication') than a meaningful skill description. It fails to communicate what the skill does, when it should be used, or what specific authentication tasks it handles.
Suggestions
Add specific concrete actions the skill performs, e.g., 'Manages user login flows, generates OAuth tokens, validates credentials, handles session management.'
Add an explicit 'Use when...' clause with natural trigger terms, e.g., 'Use when the user needs help with login, sign-in, OAuth, API keys, tokens, passwords, or session handling.'
Remove the invocation instruction ('invoke with $agent-authentication') from the description and replace it with capability and trigger information that helps Claude select this skill appropriately.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description says 'authentication' but provides no concrete actions. It doesn't describe what the skill actually does—no mention of login, token generation, OAuth flows, password management, or any specific capabilities. | 1 / 3 |
Completeness | The 'what' is extremely vague ('authentication') and there is no 'when' clause at all. The description only tells how to invoke the skill, not what it does or when to use it. | 1 / 3 |
Trigger Term Quality | The only keyword is 'authentication', which is broad and technical. Missing natural terms users might say like 'login', 'sign in', 'password', 'OAuth', 'token', 'credentials', 'SSO', etc. | 1 / 3 |
Distinctiveness Conflict Risk | 'Authentication' is very broad and could overlap with many security, login, or identity-related skills. Without specific actions or triggers, it's impossible to distinguish from other auth-related tools. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
35%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill provides useful MCP tool signatures but wraps them in excessive persona description, vague responsibility lists, and generic quality standards that Claude doesn't need. The workflow is present but lacks concrete error handling, conditional branching, and validation specifics that would make authentication flows robust. Roughly half the content could be removed without losing actionable information.
Suggestions
Remove the persona/role-playing preamble and generic responsibility lists—focus on the MCP tool reference and concrete workflows.
Add specific error handling examples: what to do when login fails, when registration returns a duplicate email error, when a reset token is expired.
Replace the generic 5-step workflow with concrete decision trees or conditional flows (e.g., 'If user_login returns 401 → check if account exists → suggest password reset').
Trim 'Quality standards' and 'Common scenarios' sections—these describe what Claude already knows and don't add actionable guidance.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Heavily padded with role-playing preamble ('You are a Flow Nexus Authentication Agent...'), lists of vague responsibilities Claude already understands (e.g., 'ensure secure authentication practices and compliance'), and generic quality standards that add no actionable value. | 1 / 3 |
Actionability | The MCP tool call examples are concrete and show actual function signatures with parameters, which is useful. However, much of the content is descriptive rather than instructive—it lists scenarios and responsibilities without specifying how to handle them (e.g., no error handling code, no example responses, no conditional logic). | 2 / 3 |
Workflow Clarity | A 5-step workflow is listed but the steps are generic ('Assess Requirements', 'Execute Flow') without explicit validation checkpoints or error recovery loops. For authentication operations that can fail in multiple ways, the lack of concrete error handling sequences and feedback loops is a gap. | 2 / 3 |
Progressive Disclosure | Content is a single monolithic file with no references to external documentation. The tool examples and workflow are inline, which is acceptable for the size, but the 'common scenarios' and 'quality standards' sections could be trimmed or split out. Organization exists but is not optimally structured. | 2 / 3 |
Total | 7 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- ruvnet/claude-flow
- Commit
322b2ae
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.