CtrlK
BlogDocsLog inGet started
Tessl Logo

nicholasjackson/opa-rego-language

Rego is the declarative policy language used by Open Policy Agent (OPA). This tile covers writing and testing Rego policies for Kubernetes admission control, Terraform and infrastructure-as-code plan validation, Docker container authorization, HTTP API authorization, RBAC and role-based access control, data filtering, metadata annotations with opa inspect, and OPA policy testing with opa test.

99

1.19x

Quality

Pending

Does it follow best practices?

Impact

99%

1.19x

Average score across 31 eval scenarios

SecuritybySnyk

Pending

The risk profile of this skill

Overview
Eval results
Files

rubric.jsonevals/scenario-31/

{
  "context": "Evaluates whether the agent produces correctly structured OPA tests: test file named with `_test.rego` suffix, package uses `_test` suffix, imports the policy package and references rules via the alias, and each test has a unique descriptive name.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Test file named `authz_test.rego` with `_test` package suffix",
      "description": "The test file is named `authz_test.rego` and the package is `api.authz_test` — not `test_authz.rego` or `package api.authz`",
      "max_score": 25
    },
    {
      "name": "Policy package imported and rules referenced via alias",
      "description": "Test file contains `import data.api.authz` and references the rule as `authz.allow` — not just `allow` (which would fail since the test is in a different package)",
      "max_score": 30
    },
    {
      "name": "Unique descriptive test names",
      "description": "Each `test_` rule has a unique, descriptive name (e.g. `test_allow_admin`, `test_deny_viewer_post`) — no duplicated test names",
      "max_score": 20
    },
    {
      "name": "Tests pass",
      "description": "All tests pass when running `opa test . -v`",
      "max_score": 25
    }
  ]
}

evals

scenario-31

rubric.json

task.md

README.md

rules.md

tile.json