recipe-review

Design Doc compliance and security validation with optional auto-fixes

56

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

Security by Snyk

Passed

No known issues

Quality

Content

77%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The content is highly actionable and the 11-step workflow is clearly sequenced with strong validation feedback loops, but it is a dense monolithic file with minor redundancy in the routing logic. Splitting the report templates and routing rules into reference files would improve progressive disclosure.

Suggestions

Move the user-facing report templates (Step 4 and Step 11 blocks) and the routing-rule table into a reference file linked from the main flow to reduce inline bulk and improve progressive disclosure.

De-duplicate the route logic: present the c/d/s routing rule once and have the user-facing legend reference it rather than restating it.

Tighten framing sentences such as 'Report both results independently using subagent output fields only' to remove redundancy with the immediately following template.

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Conciseness | The body is mostly efficient and assumes Claude's competence (no explanations of basic concepts), but the routing logic appears twice — as an internal table and again in the user-facing c/d/s legend — and a few framing lines could be tightened, so it sits at 'mostly efficient but could be tightened' rather than fully lean. | 2 / 3 |
| Actionability | Every subagent invocation specifies concrete `subagent_type`, `description`, and `prompt` fields, with real bash commands (`ls docs/design/*.md`, `git diff --name-only`) and exact output-store variables, matching 'fully executable code/commands; copy-paste ready'. | 3 / 3 |
| Workflow Clarity | Steps 1-11 are explicitly sequenced with validation checkpoints (Step 4 verdict, Step 8 quality gate, Steps 9-10 re-validation) and clear feedback loops (blocked security stops execution; fixes trigger re-validation), matching the 'clear sequence with explicit validation steps; feedback loops' anchor. | 3 / 3 |
| Progressive Disclosure | The skill is a single ~200-line monolithic file with no bundle files in references/scripts/assets; sections are well-organized, but the routing rule table, report templates, and scope-boundary block are inline content that could be split out, matching 'some structure but content that should be separate is inline' rather than a clean overview-with-references design. | 2 / 3 |
| Total | | 10 / 12 |

Passed

Description

50%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is third-person and identifies a coherent niche, but it is terse and lacks any explicit 'Use when...' trigger guidance, capping completeness and trigger-term quality at 2. Adding natural user-facing trigger terms would lift multiple dimensions.

Suggestions

Append an explicit 'Use when...' clause naming natural trigger phrases (e.g., 'Use when reviewing a Design Doc against its implementation, running a security review, or fixing review findings').

Expand the action list to concrete capabilities (compliance validation, security review, code-side auto-fixes, design-side DD updates) to reach specificity level 3.

Add common natural variations users might say (e.g., 'design doc review', 'security audit', 'fix review findings') to improve trigger-term coverage.

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Specificity | Names the domain and a few concrete actions — "Design Doc compliance", "security validation", "optional auto-fixes" — but stops short of enumerating multiple specific actions, so it matches the 'names domain and some actions, but not comprehensive' anchor rather than the multi-action level 3. | 2 / 3 |
| Completeness | It states what the skill does but provides no 'Use when...' trigger guidance, so per the rubric a missing explicit trigger clause caps completeness at 2; it is not level 1 because the 'what' is clearly present. | 2 / 3 |
| Trigger Term Quality | Terms like "Design Doc compliance", "security validation", and "auto-fixes" are relevant but lean toward technical jargon and miss common natural variations a user would say, fitting 'some relevant keywords but missing common variations' rather than broad coverage. | 2 / 3 |
| Distinctiveness Conflict Risk | The Design-Doc-compliance-plus-security niche is somewhat specific, but it could still overlap with general code-review or security-review skills, matching 'somewhat specific but could still overlap' rather than a clearly isolated niche. | 2 / 3 |
| Total | | 8 / 12 |

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation: 16 / 16 Passed

Validation for skill structure

No warnings or errors.

Repository: shinpr/claude-code-workflows
Reviewed
