CtrlK
BlogDocsLog inGet started
Tessl Logo

mtls-configuration

Configure mutual TLS (mTLS) for zero-trust service-to-service communication. Use when implementing zero-trust networking, certificate management, or securing internal service communication.

Install with Tessl CLI

npx tessl i github:wshobson/agents --skill mtls-configuration
What are skills?

80

Review77%

Does it follow best practices?

Evaluation97%

Agent success when using this skill

Validation11 / 11 Passed

Validation for skill structure

SKILL.md
Review
Evals

Evaluation results

100%

19%

Zero-Trust Migration for a Fintech Service Mesh

Istio mTLS migration policy

Criteria
Without context
With context

Mesh-wide STRICT mode

100%

100%

Legacy namespace PERMISSIVE

100%

100%

Payment port STRICT

50%

100%

Metrics port disabled

50%

100%

PeerAuthentication API version

100%

100%

DestinationRule ISTIO_MUTUAL

100%

100%

DestinationRule API version

0%

100%

No production DISABLE

100%

100%

Migration rationale documented

100%

100%

workload selector present

100%

100%

Without context: $0.3203 · 1m 22s · 13 turns · 14 in / 4,709 out tokens

With context: $0.4924 · 1m 35s · 25 turns · 23 in / 4,829 out tokens

100%

Automated Certificate Management for Healthcare Microservices

cert-manager certificate lifecycle

Criteria
Without context
With context

Short-lived duration

100%

100%

Early renewBefore

100%

100%

Server auth usage

100%

100%

Client auth usage

100%

100%

Short name DNS

100%

100%

Namespace-qualified DNS

100%

100%

FQDN DNS

100%

100%

Uses ClusterIssuer

100%

100%

CA-backed issuer

100%

100%

Renewal rationale documented

100%

100%

Certificate API version

100%

100%

Without context: $0.2419 · 1m 11s · 10 turns · 10 in / 3,851 out tokens

With context: $0.5581 · 1m 51s · 26 turns · 266 in / 5,989 out tokens

92%

Securing External API Connections and Diagnosing mTLS Failures

External service TLS modes and debugging

Criteria
Without context
With context

MUTUAL mode for partner API

100%

100%

Client cert in MUTUAL

100%

100%

Private key in MUTUAL

100%

100%

CA certs in MUTUAL

100%

100%

SIMPLE mode for analytics API

100%

100%

CA certs in SIMPLE

0%

0%

No client certs in SIMPLE

100%

100%

istioctl tls-check in runbook

100%

100%

Cert expiry check in runbook

100%

100%

Debug log level in runbook

100%

100%

DestinationRule API version

100%

100%

No DISABLE mode used

100%

100%

Without context: $0.3024 · 1m 20s · 13 turns · 62 in / 4,533 out tokens

With context: $0.5725 · 2m 3s · 23 turns · 70 in / 7,109 out tokens

Evaluated
Agent
Claude Code

Table of Contents

Zero-Trust Migration for a Fintech Service MeshAutomated Certificate Management for Healthcare MicroservicesSecuring External API Connections and Diagnosing mTLS Failures

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill