Skillzwave Logo
Skillzwave

senior-secops

0.0
F

Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices. Includes security scanning, vulnerability assessment, compliance checking, and security automation. Use when implementing security controls, conducting security audits, responding to vulnerabilities, or ensuring compliance requirements.

Commands Agents Marketplace
#core capabilities#Senior Secops#claude-ai#security#claudecode-subagents#claude-ai-skills#practices#guide

Third-Party Agent Skill: Review the code before installing. Agent skills execute in your AI assistant's environment and can access your files. Learn more about security

Installation for Agentic Skill

View all platforms →
skilz install alirezarezvani/claude-skills/senior-secops
skilz install alirezarezvani/claude-skills/senior-secops --agent opencode
skilz install alirezarezvani/claude-skills/senior-secops --agent codex
skilz install alirezarezvani/claude-skills/senior-secops --agent gemini

First time? Install Skilz: pip install skilz

Works with 22+ AI coding agents

Cursor, Aider, Copilot, Windsurf, Qwen, Kimi, and more...

View All Agents
Download Agent Skill ZIP

Extract and copy to ~/.claude/skills/ then restart Claude Desktop

1. Clone the repository:
git clone https://github.com/alirezarezvani/claude-skills
2. Copy the agent skill directory:
cp -r claude-skills/engineering-team/senior-secops ~/.claude/skills/
View on GitHub

Need detailed installation help? Check our platform-specific guides:

Claude Desktop Guide Claude Code Guide Troubleshooting

Related Agentic Skills

automating-mail

by SpillwaveSolutions

Automates Apple Mail via JXA with AppleScript dictionary discovery. Use when asked to "automate email", "send mail via script", "JXA Mail automation",...

100
A
general
Marketplace
#excel#Mail.OutgoingMessage#Status

automating-reminders

by SpillwaveSolutions

Automates Apple Reminders using JavaScript for Automation (JXA). Use when asked to "create reminders programmatically", "automate reminder lists", "JX...

100
A
general
Marketplace
#app.lists.byName#excel#notes

mastering-postgresql

by SpillwaveSolutions

PostgreSQL development for Python with full-text search (tsvector, tsquery, BM25 via pg_search), vector similarity (pgvector with HNSW/IVFFlat), JSONB...

100
A
general
Marketplace
#references#search#vector

automating-contacts

by SpillwaveSolutions

Automates macOS Contacts via JXA with AppleScript dictionary discovery. Use when asked to "automate contacts", "JXA contacts automation", "macOS addre...

99
A
general
Marketplace
#excel#notes#Contacts.Person

Agentic Skill Details

Owner
alirezarezvani (GitHub)
Repository
claude-skills
Type
Other
Meta-Domain
N/A
Primary Domain
N/A
Market Score
0.0
Agentic Skill Grades →

Agent Skill Grade

F
Score: 29/100 Click to see breakdown

Score Breakdown

Spec Compliance
12/15
PDA Architecture
8/30
Ease of Use
5/25
Writing Style
2/10
Utility
2/20

Areas to Improve

  • This skill contains ONLY placeholder/template content with no actual SecOps guidance. All references are identical templates ('Pattern 1: Best Practice Implementation', 'Scenario 1-3', 'Benefit 1-3') repeated verbatim across three files.
  • Three Python scripts are advertised as core capabilities but nowhere in the skill (or references) are they actually documented, explained, or made functional. No usage guidance, no output examples, no error handling.
  • All three reference files (security_standards.md, vulnerability_management_guide.md, compliance_requirements.md) contain IDENTICAL content structure with same placeholder patterns. Zero differentiation; zero value to reader.

Recommendations

  • Focus on improving Pda (currently 8/30)
  • Focus on improving Ease Of Use (currently 5/25)
  • Focus on improving Writing Style (currently 2/10)

Graded: 1/23/2026

Developer Feedback

I was curious how a senior-level SecOps skill would structure comprehensive security operations guidance, but the current implementation seems to be missing some core architectural foundations that would make this genuinely useful for practitioners actually running security operations at scale.

Links:

The TL;DR

You're at 29/100, firmly in F territory. This is graded against Anthropic's best practices for agentic skills - specifically how well the skill actually delivers value to developers using it. Your strongest area is Spec Compliance (12/15) - the YAML frontmatter is solid. The weak point is Utility (2/20) - the skill promises security capabilities but doesn't actually deliver any actionable guidance or working solutions.

What's Working Well

  • Valid metadata structure - Your YAML frontmatter follows the spec correctly with all required fields
  • Good naming convention - senior-secops uses proper hyphen-case and clearly signals the role
  • References attempted - You've set up three separate reference files, which shows you understand the layered approach

That's honestly where the positives end. The structure is there, but it's empty.

The Big One: Everything is placeholder content

This is the anchor dragging your score down. Every section in SKILL.md and all three reference files contain identical placeholder templates - "Pattern 1: Best Practice Implementation", "Scenario 1-3", "Benefit 1-3" repeated verbatim. There's literally no actual SecOps guidance here.

Why it matters: A developer who triggers this skill gets nothing actionable. No vulnerability scanning procedures, no incident response workflows, no compliance checklists - just generic templates.

Concrete fix: Pick ONE real SecOps workflow (e.g., "Triaging a security vulnerability report" or "Preparing SOC2 Type II audit evidence") and fully flesh it out in security_standards.md with:

  • Actual steps (numbered 1-5 minimum)
  • Real tool commands (not generic [options])
  • Input/output examples
  • Decision trees for different scenarios

This alone would push you 15+ points. Then replicate this level of detail for the other two reference files with different workflows. Remove all placeholder language.

Other Things Worth Fixing

  1. Scripts are mentioned but not functional (lines 14-25, 39-56) - You reference three Python scripts as core capabilities but never show what they do, how to run them, or what they output. Either include actual working code with examples, or remove them entirely.

  2. No trigger context in the description - Users won't know when to invoke this skill. Replace "Use when implementing security controls..." with specific triggers like: "Use when: (1) performing SAST/DAST scanning, (2) triaging CVE reports, (3) auditing cloud misconfigurations, (4) preparing compliance audit evidence"

  3. Tech stack section is misleading (lines 106-113) - Lists TypeScript, React, Kubernetes, AWS/Azure with zero connection to SecOps. This creates confusion about what the skill actually does. Remove it or replace with relevant security tools (Snyk, Vault, Wazuh, etc.).

  4. No workflow clarity - There's no numbered sequence showing how someone actually uses this skill. Add a section like "When you trigger this skill, follow: Step 1 → Step 2 → Step 3" with actual security operations tasks.

Quick Wins

  • Replace all placeholder patterns with ONE fully detailed, real-world workflow (biggest impact)
  • Add specific trigger phrases to metadata so users know when to call this skill
  • Remove or flesh out the three referenced scripts - make them either functional or gone
  • Strip the misleading tech stack section and replace with relevant security tools
  • Add a concrete example - show one complete vulnerability assessment or compliance checklist

These changes would realistically push you to 60-65/100 territory. The foundation is there; you just need to fill it with actual security operations guidance instead of templates.

Checkout your skill here: SkillzWave.ai | SpillWave We have an agentic skill installer that install skills in 14+ coding agent platforms. Check out this guide on how to improve your agentic skills.

AI-Detected Topics

Extracted using NLP analysis

core capabilities Senior Secops claude-ai security claudecode-subagents claude-ai-skills practices guide automated claude-skills compliance claude-code senior-secops description anthropic-claude Comprehensive Quality checks claude-code-skills agentic-ai agentic-coding

Report Security Issue

Found a security vulnerability in this agent skill?