Claims-based authorization for agents and operations. Grant, revoke, and verify permissions for secure multi-agent coordination. Use when: permission management, access control, secure operations, authorization checks. Skip when: open access, no security requirements, single-agent local work.
86
81%
Does it follow best practices?
Impact
97%
1.79x average score across 3 eval scenarios
Advisory
Suggest reviewing before use
Quality
Discovery
82%. Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a solid description that clearly communicates both what the skill does and when to use it, with helpful 'Use when' and 'Skip when' clauses. The trigger terms are natural and well-chosen. The main weakness is that the capability description could be more specific about concrete actions beyond the generic 'grant, revoke, verify' pattern, and the domain could overlap with other security-related skills.
Suggestions
Add more specific concrete actions to improve specificity, e.g., 'Create and validate JWT claims, define role-based policies, audit permission chains' rather than just 'grant, revoke, verify'.
Strengthen distinctiveness by specifying the exact technology or framework (e.g., 'claims-based JWT authorization') and differentiating from authentication or general security skills.
| Dimension | Reasoning | Score |
|---|---|---|
| Specificity | Names the domain (claims-based authorization) and some actions (grant, revoke, verify permissions), but the actions are somewhat generic and don't describe concrete implementation details like specific claim types, token handling, or policy evaluation. | 2 / 3 |
| Completeness | Clearly answers both 'what' (claims-based authorization, grant/revoke/verify permissions for multi-agent coordination) and 'when' with explicit 'Use when' and 'Skip when' clauses providing clear trigger and anti-trigger guidance. | 3 / 3 |
| Trigger Term Quality | Includes strong natural keywords users would say: 'permission management', 'access control', 'authorization checks', 'secure operations', 'multi-agent coordination'. The 'Skip when' clause also helps with negative triggers like 'open access' and 'single-agent local work'. | 3 / 3 |
| Distinctiveness Conflict Risk | The 'claims-based' and 'multi-agent coordination' aspects provide some distinctiveness, but terms like 'access control' and 'authorization' are broad enough to potentially overlap with general security or authentication skills. The 'Skip when' clause helps reduce conflicts somewhat. | 2 / 3 |
| Total | | 10 / 12 Passed |
Implementation
79%. Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured, concise reference skill with excellent actionability through concrete CLI commands and clear tables. Its main weakness is the lack of a sequenced workflow with validation checkpoints—particularly important for security operations where verifying that grants/revocations took effect is critical. The best practices section is generic and could be replaced with a concrete verification workflow.
Suggestions
Add a sequenced workflow showing a typical authorization flow: check existing claims → grant/revoke → verify the change took effect (e.g., 'After granting, run `claims check` to confirm')
Replace or augment the generic 'Best Practices' section with a concrete audit/verification example, such as listing all claims for an agent before and after changes
| Dimension | Reasoning | Score |
|---|---|---|
| Conciseness | The content is lean and well-structured using tables for reference data. No unnecessary explanations of what authorization or claims are—it assumes Claude understands these concepts and jumps straight to the specifics. | 3 / 3 |
| Actionability | Provides fully executable CLI commands with concrete flags, agent IDs, and scope patterns. Each command is copy-paste ready with realistic examples. | 3 / 3 |
| Workflow Clarity | Commands are listed individually but there's no sequenced workflow showing how to verify before granting, or check after revoking. For security-sensitive operations like authorization, a validation/verification step (e.g., 'check claims after granting to confirm') would be expected. | 2 / 3 |
| Progressive Disclosure | Content is well-organized with clear sections and tables, but everything is inline in a single file. For a skill of this size it's borderline acceptable, but the security levels and scope patterns could benefit from links to more detailed documentation on policy configuration or audit procedures. | 2 / 3 |
| Total | | 10 / 12 Passed |
Validation
100%. Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
01070ed