Detect and redact secrets in text — API keys, tokens, credentials
91
90%
Does it follow best practices?
Impact
100%
1.33x
Average score across 2 eval scenarios
Passed
No known issues
{
  "context": "Tests whether the agent scrubs only secrets from the env file and leaves non-sensitive values intact, in the format produced by the redact-secrets skill.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "DATABASE_URL password redacted",
      "description": "The DATABASE_URL password component (`hunter2`) is replaced with a placeholder; the rest of the connection string (user, host, port, db name) is kept intact.",
      "max_score": 10
    },
    {
      "name": "GITHUB_TOKEN redacted with prefix preserved",
      "description": "The GITHUB_TOKEN value is redacted but the `ghp_` prefix is kept so the token kind is identifiable.",
      "max_score": 10
    },
    {
      "name": "SLACK_BOT_TOKEN redacted with prefix preserved",
      "description": "The SLACK_BOT_TOKEN value is redacted but the `xoxb-` prefix is kept.",
      "max_score": 10
    },
    {
      "name": "USER_ID UUID is NOT redacted",
      "description": "The USER_ID value (a UUID, `018f1c2a-9d4b-7e91-aaaa-bbbbcccc1111`) is preserved unchanged — UUIDs are not secrets.",
      "max_score": 10
    },
    {
      "name": "Non-sensitive values preserved",
      "description": "LOG_LEVEL, ENVIRONMENT, and PUBLIC_API_URL keep their original values exactly. None of them is redacted.",
      "max_score": 8
    },
    {
      "name": "Line order and structure preserved",
      "description": "Output contains the same number of lines as the input, in the same order, each in `KEY=VALUE` shape.",
      "max_score": 6
    },
    {
      "name": "No extra commentary",
      "description": "The output contains only the env lines — no preamble like 'Here is the redacted version', no trailing notes about what was redacted.",
      "max_score": 6
    }
  ]
}