CtrlK
BlogDocsLog inGet started
Tessl Logo

ai-inventory

Generate and analyze AI Bill of Materials (AIBOM) for Python projects using AI/ML components. Identifies AI models, datasets, tools, and frameworks for security and compliance tracking. Use this skill when: - User asks to scan for AI components - User wants to know what AI models a project uses - User mentions "AI BOM", "AI inventory", or "ML security" - User is working with Python AI/ML projects (PyTorch, TensorFlow, HuggingFace) - User needs AI component compliance documentation

75

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

85%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The content is highly actionable and well-sequenced with strong validation and error handling. The main weakness is redundancy between the Quick Start and Phase 2 sections, which could be consolidated to improve token efficiency.

Suggestions

Consolidate the duplicated mcp_snyk_snyk_aibom invocations: the Quick Start block repeats calls already detailed in Phase 2.1 and 2.3 — reference the phase or show each call once.

Tighten Phase 4 risk guidance into concise bullets; phrases like "Recommend: documenting data sources, reviewing PII handling procedures, and verifying data retention policies" could be trimmed without losing meaning.

DimensionReasoningScore

Conciseness

The body avoids explaining basic concepts but duplicates content — the Quick Start block repeats the same mcp_snyk_snyk_aibom calls shown again in Phase 2.1 and 2.3, and some guidance could be tightened. Not quite lean enough for a 3.

2 / 3

Actionability

Provides fully executable MCP tool calls with concrete parameters (mcp_snyk_snyk_aibom(path=..., json_file_output=...)), specific package lists to scan (torch, tensorflow, transformers, etc.), and copy-paste-ready report templates to fill in.

3 / 3

Workflow Clarity

A clear five-phase sequence with per-phase goals, numbered steps, and explicit validation checkpoints (Step 2.2 verifies the JSON before proceeding to Phase 3) plus error-recovery blocks for network and access failures.

3 / 3

Progressive Disclosure

No bundle files exist (references/scripts/assets absent), and the single file is cleanly sectioned into a concise Quick Start overview followed by logically ordered phases with no monolithic wall of text or nested/dead references.

3 / 3

Total

11

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is strong: it states concrete capabilities in third person, provides explicit "Use when" triggers with natural keywords, and occupies a clear niche unlikely to collide with other skills. No changes needed.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — "Generate and analyze AI Bill of Materials (AIBOM)", "Identifies AI models, datasets, tools, and frameworks for security and compliance tracking" — matching the anchor for several specific concrete actions.

3 / 3

Completeness

Explicitly answers both what it does (generate/analyze AIBOM, identify components) and when to use it via an explicit "Use this skill when:" clause with five concrete triggers.

3 / 3

Trigger Term Quality

The "Use this skill when" clause covers natural phrasings users would actually say: "scan for AI components", "what AI models a project uses", "AI BOM", "AI inventory", "ML security", and named frameworks (PyTorch, TensorFlow, HuggingFace).

3 / 3

Distinctiveness Conflict Risk

Scoped to Python AI/ML projects with a clear niche (AIBOM generation) and distinctive triggers like "AI BOM" and "AI inventory", making conflict with generic skills unlikely.

3 / 3

Total

12

/

12

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation16 / 16 Passed

Validation for skill structure

No warnings or errors.

Repository
snyk/studio-recipes
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.