CtrlK
BlogDocsLog inGet started
Tessl Logo

igmarin/rails-agent-skills

Curated library of 28 atomic skills and 9 personas for Ruby on Rails development. Organized by category: testing, code-quality, engines, infrastructure, api, context, and personas. Covers code review, architecture, security, testing (RSpec), engines, Hotwire, and TDD automation. Shared Ruby skills (YARD docs, DDD, service objects) have moved to ruby-core-skills.

93

1.16x
Quality

95%

Does it follow best practices?

Impact

93%

1.16x

Average score across 28 eval scenarios

SecuritybySnyk

Advisory

Suggest reviewing before use

Overview
Quality
Evals
Security
Files

task.mdevals/scenario-10/

Security Check Task

Problem

A Rails team needs help with a task in this area:

Use when performing security audits on Rails application code — must check authentication/authorization, parameter handling, redirects/rendering, file/network/job inputs, and secrets/logging, verify each finding is exploitable with a concrete attack scenario before reporting (excluding false positives without using representative file paths), and present sections in the exact order specified, even if empty.

The team has asked for a concise implementation artifact that a reviewer can inspect without needing to observe the agent's process.

Output

Create answer.md with:

  • a short plan for the work
  • the concrete Rails-oriented artifact or recommendation
  • the verification steps or quality gates that should be run
  • any assumptions that affect the result

evals

scenario-10

criteria.json

task.md

README.md

tile.json