CtrlK
BlogDocsLog inGet started
Tessl Logo

platform-backend

Server-side architecture and security — API design, error handling, validation, logging. Use when building APIs, server logic, or reviewing backend security.

67

1.06x
Quality

51%

Does it follow best practices?

Impact

99%

1.06x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/platform/platform-backend/SKILL.md
SKILL.md
Quality
Evals
Security

Evaluation results

100%

13%

Document Collaboration Platform — Secure Write Endpoint

Request lifecycle and multi-tenant authorization

Criteria
Without context
With context

Auth before validation

83%

100%

Authorization after auth

100%

100%

Tenant filter in query

100%

100%

Guard clauses at top

100%

100%

Auth vs authz separated

100%

100%

Output excludes internals

100%

100%

Explicit field selection

100%

100%

Output schema defined

0%

100%

DESIGN.md lifecycle explanation

75%

100%

No silent error swallow

100%

100%

98%

5%

Team Invitation Acceptance System

Error handling, HTTP codes, and information security

Criteria
Without context
With context

Domain-specific error classes

100%

100%

401 for unauthenticated

100%

100%

403 vs 404 distinction

100%

100%

400 for business rule failures

62%

75%

Generic client error message

100%

100%

Server-side error logging

80%

100%

No sensitive data in logs

100%

100%

Structured log objects

100%

100%

ERROR_DECISIONS.md explains status codes

100%

100%

No silent error swallow

83%

100%

100%

User Profile API Endpoint

Strict input validation and safe output schemas

Criteria
Without context
With context

Email format validation

100%

100%

String length constraints

100%

100%

Enum for fixed-value fields

100%

100%

No z.any() or z.unknown()

100%

100%

Role not in input schema

100%

100%

Output schema defined

100%

100%

Sensitive fields excluded from output

100%

100%

Explicit field construction

100%

100%

SCHEMA_NOTES explains exclusions

100%

100%

Date of birth validated

100%

100%

Input validated before use

100%

100%

Repository
ravnhq/ai-toolkit
Commit

7b466be

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

Document Collaboration Platform — Secure Write EndpointTeam Invitation Acceptance SystemUser Profile API Endpoint

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill