golikovichev/secure-log2test
Turn a Kibana JSON log export into a runnable pytest suite using the secure-log2test CLI. Use when the user has a Kibana or Elasticsearch JSON export of API traffic and wants a regression suite from production logs, when extracting test cases from staging traffic, when scrubbing auth headers or secret-looking body fields before logs leave the laptop, when bridging Kibana-captured requests into a pytest-based suite for CI, when the user mentions Kibana logs, Elasticsearch JSON export, log-to-test conversion, log replay tests, auth header redaction, PII in logs, or regression tests from production traffic.
92
100%
Does it follow best practices?
Impact
93%
1.00xAverage score across 2 eval scenarios
Passed
No known issues
criteria.jsonevals/scenario-1/
{
"context": "Tests whether the agent correctly uses the secure-log2test CLI to convert a Kibana ES export (with sensitive headers, body fields, and URL query parameters) into a pytest suite, properly validates the output for credential leakage, and produces the required validation report.",
"type": "weighted_checklist",
"checklist": [
{
"name": "Correct Kibana format used",
"description": "The tool is invoked against the provided `inputs/api_traffic_export.json` file (which has the `hits.hits[]` top-level structure), not a bare array the agent constructed itself",
"max_score": 8
},
{
"name": "Authorization header redacted",
"description": "In `tests_generated.py`, the Authorization header values are replaced with `***REDACTED***` (not the original Bearer token strings like `eyJhbG...` or `rt_live_tokenfordelete123`)",
"max_score": 10
},
{
"name": "x-api-key header redacted",
"description": "In `tests_generated.py`, the `x-api-key` header value is replaced with `***REDACTED***` (not the original `apk_live_...` string)",
"max_score": 8
},
{
"name": "Body password field redacted",
"description": "In `tests_generated.py`, the body field `password` value is replaced with `***REDACTED***` (not the original `S3cur3P@ssw0rd!` string)",
"max_score": 8
},
{
"name": "Body client_secret field redacted",
"description": "In `tests_generated.py`, the body field `client_secret` value is replaced with `***REDACTED***`",
"max_score": 8
},
{
"name": "Body refresh_token field redacted",
"description": "In `tests_generated.py`, the body field `refresh_token` value is replaced with `***REDACTED***`",
"max_score": 8
},
{
"name": "Body signing_secret field redacted",
"description": "In `tests_generated.py`, the body field `signing_secret` value is replaced with `***REDACTED***`",
"max_score": 8
},
{
"name": "URL query param redacted",
"description": "In `tests_generated.py`, the `access_token=` query parameter value in the GET request URL is replaced with `***REDACTED***` (not the original token value)",
"max_score": 10
},
{
"name": "Test count verification in report",
"description": "The `validation_report.txt` contains the output of `grep -c '^def test_'` (or equivalent command) run against `tests_generated.py`, showing the count of test functions",
"max_score": 10
},
{
"name": "Credential leak check in report",
"description": "The `validation_report.txt` contains the output of a grep search for plaintext Bearer token or x-api-key values in `tests_generated.py`, demonstrating zero matches were found",
"max_score": 10
},
{
"name": "Syntax check in report",
"description": "The `validation_report.txt` contains the result of running `python -m py_compile tests_generated.py` (or equivalent syntax check), showing the file is valid Python",
"max_score": 12
}
]
}.tessl-plugin
evals
scenario-1
scenario-2
secure_log2test
tests