{
  "context": "Evaluates whether the agent writes a _test.rego file alongside an IaC policy, using the correct OPA test conventions: _test package suffix, with input as mocking with realistic Terraform plan JSON, both positive and negative test cases, and passing tests. These testing criteria are extracted here so they are not duplicated across every individual IaC scenario.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "_test.rego filename suffix",
      "description": "The test file is named with a `_test.rego` suffix (e.g. `terraform_test.rego`) per the Regal file-missing-test-suffix convention, and the package ends in `_test` (e.g. `package terraform.analysis_test`)",
      "max_score": 25
    },
    {
      "name": "mocks Terraform plan input with `with input as`",
      "description": "Test rules supply mock Terraform plan JSON using `with input as { \"resource_changes\": [...] }` (or the HCP Terraform nested form) rather than relying on real input",
      "max_score": 25
    },
    {
      "name": "includes both positive and negative test cases",
      "description": "Tests cover both the compliant case (deny is empty when bucket_prefix is set) and the violating case (deny contains a message when bucket_prefix is absent)",
      "max_score": 25
    },
    {
      "name": "tests pass",
      "description": "All tests pass when running `opa test . -v`",
      "max_score": 25
    }
  ]
}