Skill Classifier — Verification Toolkit

Purpose: Teach an AI agent how to classify a SkillSlap skill by type, requirements, and risk level. This is the first step in the 3-pass verification pipeline.

1. Overview

The Skill Classifier analyzes a skill's markdown content and produces a structured classification that determines:

What kind of skill it is (documentation, API workflow, code generation, etc.)
What it requires to be properly verified (API access, sandbox, browser, specific tools)
How risky it is to execute (safe, moderate, high, critical)

This classification feeds into the verification pipeline to determine which checks to run.

2. Input

You receive a skill with:

json

{
  "title": "string",
  "description": "string | null",
  "content": "string (markdown)",
  "tags": ["string"],
  "version": "string"
}

3. Classification Schema

3a. Skill Type

Type	Description	Examples
`documentation`	Reference material, guides, how-tos	API docs, tutorials, READMEs
`api_workflow`	Interacts with external APIs	REST clients, webhook handlers
`code_generation`	Generates or transforms code	Scaffolding tools, transpilers
`agent_instructions`	Instructions for an AI agent to follow	Prompt templates, agent workflows
`tool_config`	Configuration for tools, CLIs, environments	Docker configs, CI/CD pipelines
`mixed`	Combines multiple types	Full-stack guides with API + code

3b. Requirements

Requirement	When to Set True
`api_access`	Skill references HTTP endpoints, webhooks, or external services
`code_sandbox`	Skill includes executable code that should be run in isolation
`browser_rendering`	Skill produces HTML/CSS output that needs visual verification
`specific_tools`	List any CLI tools, runtimes, or libraries the skill requires

3c. Risk Level

Level	Criteria
`safe`	Read-only, no side effects, documentation only
`moderate`	Makes API calls but no destructive operations
`high`	Writes data, modifies state, or accesses credentials
`critical`	System-level operations, shell commands, or credential management

4. Classification Process

Read the skill content carefully
Identify the primary type — what does the skill mostly do?
Check for requirements — does it need APIs? Code execution? A browser?
Assess risk — what could go wrong if an agent follows these instructions blindly?
Provide reasoning — 1-2 sentences explaining your classification

5. Output Format

json

{
  "type": "api_workflow",
  "requirements": {
    "api_access": true,
    "code_sandbox": false,
    "browser_rendering": false,
    "specific_tools": ["curl", "jq"]
  },
  "risk_level": "moderate",
  "reasoning": "This skill instructs agents to make HTTP requests to external APIs with authentication headers. No destructive operations but does write data via POST requests."
}

6. Classification Heuristics

Indicators of Type

documentation: Headers like "Overview", "Reference", no executable blocks
api_workflow: HTTP method blocks (GET, POST), URL patterns, Authorization headers
code_generation: Code blocks with language tags, file output patterns, scaffolding steps
agent_instructions: Imperative mood ("Do X", "Then Y"), decision trees, tool usage patterns
tool_config: Config file formats (YAML, TOML, JSON), environment variables, setup steps
mixed: Multiple indicators from different categories

Indicators of Risk

safe: "This guide explains...", no code blocks, no URLs
moderate: API calls with read operations, query parameters
high: POST/PUT/DELETE with bodies, file writes, database operations
critical: rm, sudo, shell commands, credential storage, eval, system calls

7. Edge Cases

Skills with code examples that are illustrative (not meant to be executed) → documentation, safe
Skills that teach security testing → classify based on the operations described, not the topic
Skills referencing external tools without including them → still note in specific_tools
Empty or minimal skills → documentation, safe, note in reasoning

Skill Classifier