{
  "context": "Tests whether the response implements a correct parameterized Python decorator for role-based auth.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Decorator accepts role parameter",
      "description": "Uses a decorator factory pattern — @require_role('admin') returns a decorator (nested function structure)",
      "max_score": 12
    },
    {
      "name": "Extracts and decodes JWT",
      "description": "Reads the Authorization header, extracts the Bearer token, and decodes the JWT",
      "max_score": 12
    },
    {
      "name": "Returns 401 for missing/invalid token",
      "description": "Returns HTTP 401 when the token is missing, malformed, or expired",
      "max_score": 10
    },
    {
      "name": "Returns 403 for wrong role",
      "description": "Returns HTTP 403 when the token is valid but the user lacks the required role",
      "max_score": 10
    },
    {
      "name": "Uses functools.wraps",
      "description": "Applies @functools.wraps(f) to preserve the wrapped function's name and docstring",
      "max_score": 8
    },
    {
      "name": "No incorrect information",
      "description": "Python code is syntactically valid and Flask/JWT usage is correct",
      "max_score": 10
    }
  ]
}

evals

scenario-1

scenario-2

scenario-3

scenario-4

scenario-5

scenario-6

scenario-7

scenario-8

scenario-9

scenario-10

scenario-11

scenario-12

scenario-13

scenario-14

scenario-15

scenario-16

scenario-17

scenario-18

scenario-19

scenario-20

scenario-21

scenario-22

scenario-23

scenario-24

scenario-25

criteria.json

task.md

scenario-26

scenario-27

scenario-28

scenario-29

scenario-30

scenario-31

scenario-32

scenario-33

scenario-34

scenario-35

scenario-36

scenario-37

README.md

SKILL.md

tile.json

juliusbrussee/caveman

criteria.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-25/

criteria.jsonevals/scenario-25/