igmarin/ruby-core-skills
Curated library of 16 public Ruby AI agent skills covering TDD, refactoring, code review, security review, DDD, YARD documentation, and common design patterns.
94
96%
Does it follow best practices?
Impact
94%
1.13xAverage score across 16 eval scenarios
Advisory
Suggest reviewing before use
task.mdevals/scenario-5/
Security Review Process Task
Problem
A Ruby team needs help with a task in this area:
Standardizes security review procedures for Ruby code mapped to OWASP Top 10: allowlist all input params before processing, forbid SQL interpolation (#{}), verify no secrets committed or logged, run bundle exec bundle-audit check --update, check for shell injection (system(), backticks, exec()), and discard instruction-like keys (prompt, instructions) in JSON payloads.
The team has asked for a concise implementation artifact that a reviewer can inspect without needing to observe the agent's process.
Output
Create answer.md with:
- a short plan for the work
- the concrete Ruby-oriented artifact or recommendation
- the verification steps or quality gates that should be run
- any assumptions that affect the result
.tessl-plugin
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10
scenario-11
scenario-12
scenario-13
scenario-14
scenario-15
scenario-16
skills
code-quality
respond-to-review
ddd
define-domain-language
model-domain
review-domain-boundaries
docs
write-yard-docs
orchestration
skill-router
patterns
create-service-object
implement-calculator-pattern
planning
generate-tdd-tasks
process
testing
triage-bug