dtsong/evaluate-diagram
skills/evaluate-diagram/SKILL.md
Use this skill when scoring or comparing a generated diagram against a human reference. Triggers on "score this diagram", "evaluate my diagram", "compare to reference", or "how accurate is this". Applies when both a generated diagram and a reference image exist and quality assessment is needed. Do NOT use for creating new diagrams (use generate-diagram) or plotting data (use generate-plot).
$ install --global
skillsauthnpx skillsauth add dtsong/my-claude-setup evaluate-diagramInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 26, 2026, 4:40 AM271.4s1 file scanned
SKILL.md
- name:
- evaluate-diagram
- description:
- >
- user-invocable:
- true
- distribution:
- repo
- preferred:
- haiku
- acceptable:
- [haiku]
- minimum:
- haiku
- allow_downgrade:
- true
- reasoning_demand:
- low
Evaluate Diagram
Evaluate a generated diagram against a human reference using PaperBanana's VLM-as-Judge scoring.
Inputs
- Required:
$ARGUMENTS[0]— path to the generated image - Required:
$ARGUMENTS[1]— path to the human reference image - Optional: User-provided context file path and figure caption (collected in procedure)
Scope Constraints
- Read ONLY user-specified image files and optional context file
- Do NOT read, write, or reference home directory dotfiles (~/.ssh, ~/.env, etc.)
- Do NOT make network requests — the MCP tool handles remote communication
- Do NOT install packages or modify system state
- Output ONLY evaluation scores — do not include raw file contents
Input Sanitization
Before using $ARGUMENTS[0], $ARGUMENTS[1], or user-provided context paths:
- Reject paths containing
../, null bytes, or shell metacharacters (; | & $ `) - Reject absolute paths to sensitive directories (/etc/, ~/.ssh/, ~/.aws/, ~/.gnupg/)
- Verify each file exists before reading
Procedure
$ARGUMENTS[0]is the path to the generated image.$ARGUMENTS[1]is the path to the human reference image.- Ask the user for:
- Source context: the methodology text (or a file path to read it from). If the user provides a file path, read that file to get the text.
- Figure caption: a description of what the diagram communicates.
- Call the MCP tool
paperbanana:evaluate_diagramwith:generated_path: the generated image pathreference_path: the reference image pathcontext: the methodology text contentcaption: the figure caption
- Present the evaluation scores to the user. Scores cover 4 dimensions: Faithfulness, Conciseness, Readability, and Aesthetics.
Output Format
Present scores in a summary table with the 4 dimensions (Faithfulness, Conciseness, Readability, Aesthetics), each with its numeric score and brief rationale.
CLI Fallback
If the MCP tool is not available, fall back to the CLI:
paperbanana evaluate --generated <generated-img> --reference <reference-img> --context <context-file> --caption "<caption>"
Example
/evaluate-diagram output.png reference.png
Related Skills
dtsong/docx-to-pdf
testing
VerifiedTrustedCommunity
Use to convert a Word .docx file to PDF and/or verify its page count. Triggers on: converting docx to pdf, rendering a document, checking how many pages a docx produces, or asserting a page-count constraint (e.g. a resume must stay 2 pages). Wraps LibreOffice headless conversion.
5SKILL.mdUpdated Jun 11, 2026
dtsong/web-security-hardening
development
VerifiedTrustedCommunity
Security audit checklist for web applications. Use when reviewing, auditing, or hardening a web app's security posture. Covers rate limiting, auth headers, IP blocking, CORS, security middleware, input validation, file upload limits, ORM usage, and password hashing. Triggers on requests like "review security", "harden this app", "security audit", "check for vulnerabilities", or when building/reviewing API endpoints.
5SKILL.mdUpdated Apr 28, 2026
dtsong/prompt-wizard
development
VerifiedTrustedCommunity
Interactive wizard to craft effective prompts using Claude Code best practices
5SKILL.mdUpdated Apr 28, 2026
dtsong/gh-triage
tools
VerifiedTrustedCommunity
Use when batch labeling, prioritizing, and assigning GitHub issues during triage sessions.
5SKILL.mdUpdated Apr 26, 2026