nicholasjackson/opa-rego-language
Rego is the declarative policy language used by Open Policy Agent (OPA). This tile covers writing and testing Rego policies for Kubernetes admission control, Terraform and infrastructure-as-code plan validation, Docker container authorization, HTTP API authorization, RBAC and role-based access control, data filtering, metadata annotations with opa inspect, and OPA policy testing with opa test.
99
Quality
Pending
Does it follow best practices?
Impact
99%
1.19xAverage score across 31 eval scenarios
Pending
The risk profile of this skill
rubric.jsonevals/scenario-30/
{
"context": "Evaluates whether the agent follows Regal naming conventions: snake_case identifiers (prefer-snake-case), no get_/list_ prefixes (avoid-get-and-list-prefix), and no repetition of the package path in rule names (rule-name-repeats-package).",
"type": "weighted_checklist",
"checklist": [
{
"name": "snake_case for all identifiers",
"description": "All rule names, function names, and variable names use snake_case — no camelCase (e.g. `userRole`, `isAdmin`) or PascalCase",
"max_score": 35
},
{
"name": "No get_ or list_ prefix on rule names",
"description": "No rule or function is named with a `get_` or `list_` prefix (e.g. `get_user_role`, `list_permissions`) — the value itself is the rule name",
"max_score": 30
},
{
"name": "No package path repetition in rule names",
"description": "Rules do not repeat the package path — in `rbac.authz`, the allow rule is named `allow` not `rbac_authz_allow` or `authz_allow`",
"max_score": 10
},
{
"name": "Tests pass",
"description": "All tests pass when running `opa test . -v`",
"max_score": 25
}
]
}docs
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10
scenario-11
scenario-12
scenario-13
scenario-14
scenario-15
scenario-16
scenario-17
scenario-18
scenario-19
scenario-20
scenario-21
scenario-22
scenario-23
scenario-24
scenario-25
scenario-26
scenario-27
scenario-28
scenario-29
scenario-30
scenario-31