Improve/skill review optimization #1

Open
yogesh-tessl wants to merge 2 commits into Theodora-Y:main from yogesh-tessl:improve/skill-review-optimization
@yogesh-tessl
Hey @Theodora-Y 👋

The skill evolution mechanic that auto-generates privacy SKILL.md files with confidence scores and sandbox validation is a clever architecture; having privacy rules that literally evolve per-user based on agent behaviour patterns is a much more realistic approach than static masking. The variety of scenarios covered already (WeChat file sends, DingTalk group messages, Alipay payments, hospital records) shows real thought about where sensitive data actually leaks in Chinese app ecosystems. Wanted to improve a few of the SKILL.md files in the collection.

I ran your skills through tessl skill review at work and found some targeted improvements. Here's the full before/after:

Changes summary

his-patient-record (+48%) - the biggest win:

  • Replaced generic HIS system navigation steps with concrete field-level masking rules (patient name, ID, phone, address, diagnosis) with specific before/after transformation examples
  • Added explicit "Use when..." clause with trigger keywords for HIS system operations
  • Replaced placeholder [特殊情况1] labels with descriptive edge cases: batch query handling, emergency medical access overrides, data export/print masking
  • Converted description from chevron (>) to quoted string format
  • Added audit trail logging step as a compliance-ready verification checkpoint

alipay-scan-pay (+42%):

  • Rewrote content to focus on transaction data masking (payment amount, merchant name, card numbers, order IDs) instead of generic Alipay UI navigation
  • Added concrete masking patterns (e.g., ¥128.50 → ¥***.**)
  • Added screenshot desensitization step for payment receipts
  • Replaced placeholder edge cases with meaningful scenarios: consecutive payments, retry handling, user override requests

send-work-email (+37%):

  • Replaced generic email UI steps with a scan → mask → verify → confirm workflow for patient data in enterprise emails
  • Added specific masking patterns for each sensitive field type (patient names, IDs, phone numbers, diagnoses, financial amounts)
  • Added re-scan validation checkpoint to ensure no sensitive fields remain after masking
  • Replaced placeholder edge cases with attachment handling, overlapping field masking order, and user opt-out logging

dingtalk-video-meeting (+37%):

  • Replaced generic DingTalk UI navigation with concrete meeting metadata masking (participant names, employee IDs, meeting links, passwords)
  • Added virtual background enforcement before camera activation
  • Added DingTalk-specific privacy settings verification checklist
  • Added meeting link leakage detection and participant identity masking in logs

join-online-meeting (+28%):

  • Added meeting link domain verification against known providers (Zoom, Teams, Google Meet, 腾讯会议)
  • Added concrete host identity masking patterns (name, email, meeting ID)
  • Added background blur enforcement and screen content scanning before sharing
  • Replaced placeholder edge cases with multi-platform switching, public webinar handling, and user override scenarios

Common changes across all 5 skills:

  • Converted all descriptions from YAML block scalar (>) to quoted string format
  • Added explicit "Use when..." clauses with bilingual trigger keywords
  • Replaced all [特殊情况1/2/3] placeholder labels with descriptive edge case names
  • Added validation/re-scan checkpoints in every workflow
  • Shifted focus from generic UI navigation to actionable privacy masking rules with concrete examples

Honest disclosure. I work at https://github.com/tesslio where we build tooling around skills like these. Not a pitch - just saw room for improvement and wanted to contribute.

I also added a lightweight GitHub Action that auto-reviews any skill.md changed in a PR (includes min permissions, uses a pinned action version, only posts a review comment).

This means that it gives you and your contributors an instant quality signal before you have to review yourself (no signup, no tokens needed).

Want to self-improve your skills? Just point your agent (Claude Code, Codex, etc.) at this Tessl guide (https://docs.tessl.io/evaluate/optimize-a-skill-using-best-practices) and ask it to optimize your skill. Ping me - @yogesh-tessl (https://github.com/yogesh-tessl) - if you hit any snags.

Thanks in advance 🙏


| Skill | Before | After | Change |
|-------|--------|-------|--------|
| send-work-email | 53% | 90% | +37% |
| alipay-scan-pay | 45% | 87% | +42% |
| join-online-meeting | 56% | 84% | +28% |
| his-patient-record | 42% | 90% | +48% |
| dingtalk-video-meeting | 47% | 84% | +37% |


**Note on auto-generated skills**: These skills are generated by `skill-evolution-mechanic` (via `scripts/generate_skills.py` and `prompts/evolution_skill_writing.txt`). The improvements here target the SKILL.md output directly. For long-term benefit, similar improvements could be applied to the generation prompt — particularly adding concrete masking examples, "Use when..." clauses, and descriptive edge case labels to the `evolution_skill_writing.txt` template.

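
The scan → mask → verify workflow and re-scan checkpoint summarized in the description above, as an added example that is not code from this PR or from the skills it edits. Only the amount mask (¥128.50 → ¥***.**) comes from the page; the resident-ID and phone patterns, the function names and the sample text are assumptions.

```python
import re

# Assumed patterns (mainland resident ID, mobile number); only the amount mask
# "¥128.50 -> ¥***.**" comes from the page. Longest numeric field is listed first,
# and digit-boundary lookarounds stop the phone rule firing inside a longer number.
RULES = [
    ("resident_id", re.compile(r"(?<!\d)(\d{6})\d{8}(\d{3}[\dXx])(?!\d)"),
     lambda m: m.group(1) + "*" * 8 + m.group(2)),
    ("phone", re.compile(r"(?<!\d)(1[3-9]\d)\d{4}(\d{4})(?!\d)"),
     lambda m: m.group(1) + "****" + m.group(2)),
    ("amount", re.compile(r"¥\d+(?:,\d{3})*(?:\.\d+)?"),
     lambda m: "¥***.**"),
]

# Constructed sample text, not real data.
SAMPLE = ("Patient ID 110101199003071234, phone 13812345678, "
          "fee ¥128.50 (prior bill ¥1,280.00)")

def scan(text, rules=RULES):
    """Return the field name of every match; matched values are never returned."""
    return [name for name, rx, _ in rules for _ in rx.finditer(text)]

def mask(text, rules=RULES):
    """Apply each rule's replacement in list order."""
    for _, rx, repl in rules:
        text = rx.sub(repl, text)
    return text

def mask_and_verify(text, mask_rules=RULES):
    """scan -> mask -> re-scan; fail closed if anything sensitive survives."""
    found = scan(text)
    masked = mask(text, mask_rules)
    leftover = scan(masked)  # the re-scan always uses the full rule set
    if leftover:
        # Report field names only, so the error itself does not leak values.
        raise ValueError("unmasked fields remain: " + ", ".join(sorted(set(leftover))))
    return masked, found

if __name__ == "__main__":
    print(mask_and_verify(SAMPLE))
```
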