base/typescript-engineering
Use this skill whenever the user asks you to write, edit, review, refactor, debug, or design TypeScript or TSX code. It is especially relevant for application code, backend routes, React/UI work, schemas, runtime boundaries, persistence, async workflows, API contracts, tests, lint/typecheck fixes, and code review. Apply it even when the user does not explicitly mention "TypeScript" if the files or project are TypeScript-based.
89
1.26x
Quality
85%
Does it follow best practices?
Impact
95%
1.26xAverage score across 5 eval scenarios
Securityby
Passed
No known issues
criteria.jsonevals/scenario-5/
{
"context": "Tests whether the agent reviews TypeScript changes with the skill's priorities: behavioral risks, contracts, validation, async and state bugs, tests, and type soundness. The task asks for a review artifact rather than implementation.",
"type": "weighted_checklist",
"checklist": [
{
"name": "Findings first",
"description": "The review starts with concrete findings rather than a summary-first response.",
"max_score": 8
},
{
"name": "Behavior focus",
"description": "Findings prioritize behavioral risks, broken contracts, weak validation, async or state bugs, missing tests, or type unsoundness over style-only comments.",
"max_score": 12
},
{
"name": "Line grounded",
"description": "Each finding cites a specific file and line or tight line range from the provided code.",
"max_score": 8
},
{
"name": "Boundary validation",
"description": "Calls out unchecked runtime boundary data where static TypeScript types do not protect request, config, or external response values.",
"max_score": 10
},
{
"name": "Contract risk",
"description": "Calls out any public contract, persisted shape, event payload, or exported API change that is not explicit or tested.",
"max_score": 8
},
{
"name": "Async risk",
"description": "Calls out floating promises, swallowed errors, hidden races, missing timeout or cancellation, or misuse of Promise.all when present.",
"max_score": 8
},
{
"name": "Type soundness",
"description": "Calls out any, unsafe assertions, broad primitives, vague null or undefined failures, or duplicated schema/type contracts when present.",
"max_score": 8
},
{
"name": "Security risk",
"description": "Calls out relevant authorization, tenant filtering, unsafe SQL, unsafe HTML, redirect/path/URL, or secret exposure risks when present.",
"max_score": 8
},
{
"name": "Test gap",
"description": "Identifies missing focused tests for parsing, permissions, migrations, state transitions, bug fixes, or public behavior as applicable.",
"max_score": 8
},
{
"name": "Severity order",
"description": "Orders findings by severity, with the highest-risk correctness or security issue before lower-risk maintainability issues.",
"max_score": 6
},
{
"name": "No style nitpick",
"description": "Does not include style-only observations unless they are tied to a concrete maintenance or behavioral risk.",
"max_score": 6
},
{
"name": "Open questions",
"description": "Separates open questions or assumptions from findings and keeps any change summary secondary.",
"max_score": 10
}
]
}