CtrlK
BlogDocsLog inGet started
Tessl Logo

best-practices

Apply modern web development best practices for security, compatibility, and code quality. Use when asked to "apply best practices", "security audit", "modernize code", "code quality review", or "check for vulnerabilities". Do NOT use for accessibility (use web-accessibility), SEO (use seo), performance (use core-web-vitals), or comprehensive multi-area audits (use web-quality-audit).

64

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Quality

Content

65%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The body is a thorough, highly actionable best-practices catalog with concrete code and headers, but it is monolithic and long, repeating much that Claude already knows and offering no progressive disclosure into bundle files. A sequenced validation workflow and splitting detailed references would lift the weaker dimensions.

Suggestions

Split the detailed pattern catalogs (e.g. security headers, deprecated APIs, error handling) into references/ files and keep SKILL.md as an overview plus the audit checklist.

Add a short sequenced workflow before the checklist, e.g. run `npm audit` -> inspect headers with SecurityHeaders.com -> validate HTML with W3C -> re-check until clean, with explicit validation checkpoints.

Trim sections that restate well-known patterns (semantic HTML, feature detection, event delegation) to only the non-obvious guidance, reducing token load.

DimensionReasoningScore

Conciseness

The ~600-line body is mostly lean code examples with little explanatory prose, but a large share reproduces patterns Claude already knows (semantic HTML, feature detection, event delegation, passive listeners) rather than adding net-new knowledge, so it could be tightened.

2 / 3

Actionability

Provides concrete, copy-paste-ready material throughout: exact security/CSP headers, `npm audit` commands, and executable HTML/JS examples with clear bad/good pairs.

3 / 3

Workflow Clarity

The closing audit checklist organizes the review by category with checkboxes, but it is a flat list with no sequenced validation checkpoints or error-recovery feedback loop, matching the level-2 anchor.

2 / 3

Progressive Disclosure

Sections are clearly headed and well organized, but the skill is a single monolithic file with no bundle files (references/, scripts/, assets/ are absent) and detailed pattern catalogs that could be split into separate reference files are kept inline.

2 / 3

Total

9

/

12

Passed

Description

90%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is well-constructed with explicit triggers, a clear what/when pair, and strong disambiguation from related skills. Its only weakness is that the capability statement stays at the level of named areas rather than concrete actions.

Suggestions

Replace or augment "Apply modern web development best practices" with concrete actions, e.g. "Audit security headers, check dependencies with npm audit, validate HTML, and review code-quality patterns".

DimensionReasoningScore

Specificity

Names the domain and three areas ("security, compatibility, and code quality") but the only verb is the abstract "Apply modern web development best practices", lacking the multiple concrete actions seen in the level-3 anchor.

2 / 3

Completeness

Explicitly answers both what it does ("Apply modern web development best practices for security, compatibility, and code quality") and when to use it via an explicit "Use when asked to ..." clause.

3 / 3

Trigger Term Quality

Provides a strong set of natural user phrases ("apply best practices", "security audit", "modernize code", "code quality review", "check for vulnerabilities") plus negative triggers, covering the terms a user would actually say.

3 / 3

Distinctiveness Conflict Risk

Clear niche with explicit disambiguation ("Do NOT use for accessibility (use web-accessibility), SEO (use seo), performance (use core-web-vitals), or comprehensive multi-area audits (use web-quality-audit)") that prevents triggering sibling skills.

3 / 3

Total

11

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

skill_md_line_count

SKILL.md is long (617 lines); consider splitting into references/ and linking

Warning

relative_links

Relative link issues: 1 suspicious

Warning

Total

14

/

16

Passed

Repository
tech-leads-club/agent-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.