Content
27%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill reads more like a comprehensive cheat sheet or reference dump than a focused, actionable skill for Claude. While it contains useful payloads and attack patterns, it suffers from significant verbosity, explains concepts Claude already knows, and packs everything into one monolithic file without progressive disclosure. The workflow lacks validation checkpoints and feedback loops critical for security testing operations.
Suggestions
Split the monolithic content into separate files: a concise SKILL.md overview with core workflow, and reference files for GraphQL testing (GRAPHQL.md), tool references (TOOLS.md), bypass techniques (BYPASSES.md), and payload examples (PAYLOADS.md).
Remove explanatory content Claude already knows (API types overview table, what IDOR is, what SSRF is) and replace with terse labels before actionable payloads.
Add explicit validation checkpoints to the workflow: how to confirm a vulnerability is real (e.g., 'If response differs between AND 1=1 and AND 1=2, confirmed SQLi'), and when to escalate vs. move on.
Remove the 'When to Use' boilerplate section and trim 'Inputs/Prerequisites' and 'Outputs/Deliverables' which add no actionable value for Claude.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is extremely verbose at ~350+ lines, includes unnecessary sections like 'API Types Overview' table (Claude knows this), explains what IDOR is, lists extensive tool URLs that could be in a separate reference file, and includes a meaningless 'When to Use' section. The 'Purpose', 'Inputs/Prerequisites', and 'Outputs/Deliverables' sections restate obvious information. | 1 / 3 |
Actionability | Provides concrete payloads and test patterns that are copy-paste ready (IDOR bypasses, GraphQL introspection, SQL injection in JSON), but many examples are incomplete snippets rather than executable workflows. The reconnaissance commands reference tools without installation steps, and payloads lack context on how to interpret results beyond simple OK/ERROR annotations. | 2 / 3 |
Workflow Clarity | Steps 1-5 provide a reasonable sequence for API testing, but there are no validation checkpoints or feedback loops. For destructive/batch operations like DoS testing or brute forcing, there's no guidance on when to stop, how to verify findings, or how to confirm a vulnerability vs. a false positive. The workflow is more of a checklist of attack categories than a guided process. | 2 / 3 |
Progressive Disclosure | Everything is crammed into a single monolithic file with no references to supporting files. The tools reference table, detailed GraphQL testing, PDF export attacks, and the extensive bypass techniques could all be split into separate reference files. With no bundle files provided, the content is a wall of text that would benefit significantly from decomposition. | 1 / 3 |
Total | 6 / 12 Passed |