CtrlK
BlogDocsLog inGet started
Tessl Logo

platform-backend

Server-side architecture and security — API design, error handling, validation, logging. Use when building APIs, server logic, or reviewing backend security.

Install with Tessl CLI

npx tessl i github:ravnhq/ai-toolkit --skill platform-backend
What are skills?

63

1.06x

Quality

44%

Does it follow best practices?

Impact

99%

1.06x

Average score across 3 eval scenarios

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/platform/platform-backend/SKILL.md
SKILL.md
Review
Evals

Evaluation results

100%

13%

Document Collaboration Platform — Secure Write Endpoint

Request lifecycle and multi-tenant authorization

Criteria
Without context
With context

Auth before validation

83%

100%

Authorization after auth

100%

100%

Tenant filter in query

100%

100%

Guard clauses at top

100%

100%

Auth vs authz separated

100%

100%

Output excludes internals

100%

100%

Explicit field selection

100%

100%

Output schema defined

0%

100%

DESIGN.md lifecycle explanation

75%

100%

No silent error swallow

100%

100%

Without context: $0.6857 · 3m 1s · 33 turns · 38 in / 10,830 out tokens

With context: $1.6112 · 6m 31s · 59 turns · 554 in / 18,717 out tokens

98%

5%

Team Invitation Acceptance System

Error handling, HTTP codes, and information security

Criteria
Without context
With context

Domain-specific error classes

100%

100%

401 for unauthenticated

100%

100%

403 vs 404 distinction

100%

100%

400 for business rule failures

62%

75%

Generic client error message

100%

100%

Server-side error logging

80%

100%

No sensitive data in logs

100%

100%

Structured log objects

100%

100%

ERROR_DECISIONS.md explains status codes

100%

100%

No silent error swallow

83%

100%

Without context: $0.4423 · 1m 50s · 23 turns · 26 in / 6,983 out tokens

With context: $0.7637 · 2m 21s · 37 turns · 539 in / 8,680 out tokens

100%

User Profile API Endpoint

Strict input validation and safe output schemas

Criteria
Without context
With context

Email format validation

100%

100%

String length constraints

100%

100%

Enum for fixed-value fields

100%

100%

No z.any() or z.unknown()

100%

100%

Role not in input schema

100%

100%

Output schema defined

100%

100%

Sensitive fields excluded from output

100%

100%

Explicit field construction

100%

100%

SCHEMA_NOTES explains exclusions

100%

100%

Date of birth validated

100%

100%

Input validated before use

100%

100%

Without context: $0.7006 · 3m 42s · 32 turns · 38 in / 11,606 out tokens

With context: $0.6932 · 2m 31s · 31 turns · 3,019 in / 9,068 out tokens

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

Document Collaboration Platform — Secure Write EndpointTeam Invitation Acceptance SystemUser Profile API Endpoint

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill