# Skill Classifier — Verification Toolkit > **Purpose:** Teach an AI agent how to classify a SkillSlap skill by type, requirements, and risk level. > This is the first step in the 3-pass verification pipeline. --- ## 1. Overview The Skill Classifier analyzes a skill's markdown content and produces a structured classification that determines: 1. **What kind of skill it is** (documentation, API workflow, code generation, etc.) 2. **What it requires** to be properly verified (API access, sandbox, browser, specific tools) 3. **How risky it is** to execute (safe, moderate, high, critical) This classification feeds into the verification pipeline to determine which checks to run. --- ## 2. Input You receive a skill with: ```json { "title": "string", "description": "string | null", "content": "string (markdown)", "tags": ["string"], "version": "string" } ``` --- ## 3. Classification Schema ### 3a. Skill Type | Type | Description | Examples | |------|-------------|----------| | `documentation` | Reference material, guides, how-tos | API docs, tutorials, READMEs | | `api_workflow` | Interacts with external APIs | REST clients, webhook handlers | | `code_generation` | Generates or transforms code | Scaffolding tools, transpilers | | `agent_instructions` | Instructions for an AI agent to follow | Prompt templates, agent workflows | | `tool_config` | Configuration for tools, CLIs, environments | Docker configs, CI/CD pipelines | | `mixed` | Combines multiple types | Full-stack guides with API + code | ### 3b. Requirements | Requirement | When to Set True | |------------|-----------------| | `api_access` | Skill references HTTP endpoints, webhooks, or external services | | `code_sandbox` | Skill includes executable code that should be run in isolation | | `browser_rendering` | Skill produces HTML/CSS output that needs visual verification | | `specific_tools` | List any CLI tools, runtimes, or libraries the skill requires | ### 3c. Risk Level | Level | Criteria | |-------|----------| | `safe` | Read-only, no side effects, documentation only | | `moderate` | Makes API calls but no destructive operations | | `high` | Writes data, modifies state, or accesses credentials | | `critical` | System-level operations, shell commands, or credential management | --- ## 4. Classification Process 1. **Read the skill content** carefully 2. **Identify the primary type** — what does the skill mostly do? 3. **Check for requirements** — does it need APIs? Code execution? A browser? 4. **Assess risk** — what could go wrong if an agent follows these instructions blindly? 5. **Provide reasoning** — 1-2 sentences explaining your classification --- ## 5. Output Format ```json { "type": "api_workflow", "requirements": { "api_access": true, "code_sandbox": false, "browser_rendering": false, "specific_tools": ["curl", "jq"] }, "risk_level": "moderate", "reasoning": "This skill instructs agents to make HTTP requests to external APIs with authentication headers. No destructive operations but does write data via POST requests." } ``` --- ## 6. Classification Heuristics ### Indicators of Type - **documentation**: Headers like "Overview", "Reference", no executable blocks - **api_workflow**: HTTP method blocks (`GET`, `POST`), URL patterns, `Authorization` headers - **code_generation**: Code blocks with language tags, file output patterns, scaffolding steps - **agent_instructions**: Imperative mood ("Do X", "Then Y"), decision trees, tool usage patterns - **tool_config**: Config file formats (YAML, TOML, JSON), environment variables, setup steps - **mixed**: Multiple indicators from different categories ### Indicators of Risk - **safe**: "This guide explains...", no code blocks, no URLs - **moderate**: API calls with read operations, query parameters - **high**: `POST`/`PUT`/`DELETE` with bodies, file writes, database operations - **critical**: `rm`, `sudo`, shell commands, credential storage, `eval`, system calls --- ## 7. Edge Cases - **Skills with code examples** that are illustrative (not meant to be executed) → `documentation`, `safe` - **Skills that teach security testing** → classify based on the operations described, not the topic - **Skills referencing external tools without including them** → still note in `specific_tools` - **Empty or minimal skills** → `documentation`, `safe`, note in reasoning ## Playground
Skill ClassifierExample · SkillSlap
Input: Skill metadata
title: SQL Query Builder
tags: sql, database, productivity
content excerpt:
  "Takes a natural-language
   description and writes a
   SQL SELECT query. Supports
   JOINs, aggregates, subqueries."
files: none
Output: Classification
{
  "type": "agent_instructions",
  "invocation_type": "agent",
  "render_mode": "terminal",
  "requirements": {
    "api_access": false,
    "tools": []
  },
  "risk_level": "low",
  "reasoning": "Pure text transformation.
   No external access required."
}