specstory-guard
Install a pre-commit hook that scans .specstory/history for secrets before commits. Run when user says "set up secret scanning", "install specstory guard", "protect my history", or "check for secrets".
Install with Tessl CLI
npx tessl i github:specstoryai/agent-skills --skill specstory-guard90
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that hits all the marks. It provides specific technical actions, includes multiple natural trigger phrases in an explicit 'Run when' clause, and carves out a clear niche around specstory history secret scanning that distinguishes it from general security or git-related skills.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists specific concrete actions: 'Install a pre-commit hook that scans .specstory/history for secrets before commits' - describes exactly what it does with technical precision. | 3 / 3 |
Completeness | Clearly answers both what ('Install a pre-commit hook that scans .specstory/history for secrets') and when ('Run when user says...' with explicit trigger phrases). | 3 / 3 |
Trigger Term Quality | Includes natural trigger phrases users would say: 'set up secret scanning', 'install specstory guard', 'protect my history', 'check for secrets' - covers multiple natural variations. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with specific niche: targets .specstory/history specifically, mentions 'specstory guard' as a unique identifier, and focuses on pre-commit secret scanning - unlikely to conflict with generic security or git skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured skill with excellent actionability - clear commands, concrete examples, and helpful output previews. The main weakness is some unnecessary explanatory content (the 'Why Use Guard?' section) that Claude doesn't need. The workflow is clear with good validation steps for remediation.
Suggestions
Remove or significantly condense the 'Why Use Guard?' section - Claude understands why secret scanning is valuable
Consider moving the 'Detected Patterns' table to a separate reference file to keep the main skill leaner
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill includes some unnecessary explanation (e.g., 'Why Use Guard?' section explaining what AI sessions might capture, which Claude already understands). The content is mostly efficient but could be tightened by removing explanatory sections. | 2 / 3 |
Actionability | Provides fully executable bash commands, clear slash command table, and specific script paths. All examples are copy-paste ready with concrete flags and arguments. | 3 / 3 |
Workflow Clarity | Clear remediation workflow with explicit steps: open file → redact → re-run scan → commit. The 'How It Works' section provides clear sequencing, and the output examples show exactly what to expect at each stage. | 3 / 3 |
Progressive Disclosure | Content is well-organized with clear sections, but everything is inline in one file. The detected patterns table and allowlist tuning could be separate reference files for a cleaner overview. However, the skill is moderately sized so this is acceptable. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
Total | 10 / 11 Passed | |
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.