CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl-labs/configuration-management

Production config management for any backend — centralized config module, env vars, no hardcoded secrets, fail-fast validation

86

1.88x
Quality

77%

Does it follow best practices?

Impact

100%

1.88x

Average score across 5 eval scenarios

SecuritybySnyk

Passed

No known issues

Overview
Quality
Evals
Security
Files

criteria.jsonevals/scenario-3/

{
  "context": "Tests whether the agent proactively implements proper configuration management when building a payment API that connects to Stripe and PostgreSQL. The task does not mention config management, environment variables, or .env files -- the agent should apply these patterns automatically.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Centralized config module",
      "description": "A dedicated config module exists (e.g. src/config.ts or config/index.ts) that consolidates all configuration in one place. Application files import config from this module rather than reading process.env directly in route handlers, db.ts, or server.ts.",
      "max_score": 18
    },
    {
      "name": "Database URL from environment",
      "description": "The PostgreSQL connection string/URL comes from an environment variable (e.g. DATABASE_URL), not hardcoded in source code. The pg Pool or Client is configured using the env-based config value.",
      "max_score": 15
    },
    {
      "name": "Stripe keys from environment",
      "description": "Stripe secret key and webhook secret come from environment variables (e.g. STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET), not hardcoded. The Stripe client is initialized using env-based config values.",
      "max_score": 15
    },
    {
      "name": "Required config fails fast",
      "description": "Required config values (DATABASE_URL, STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET) are validated at startup -- if any are missing, the app throws a clear error immediately rather than starting with undefined values.",
      "max_score": 15
    },
    {
      "name": "Env file gitignored",
      "description": ".env is listed in .gitignore so secrets are not committed to the repository",
      "max_score": 12
    },
    {
      "name": ".env.example exists",
      "description": "A .env.example file is provided that documents the required and optional environment variables without containing real secret values",
      "max_score": 10
    },
    {
      "name": "Port from environment with default",
      "description": "The server port comes from an environment variable (PORT) with a sensible default (e.g. 3000), not hardcoded",
      "max_score": 8
    },
    {
      "name": "Payment endpoints functional",
      "description": "The payment CRUD endpoints and webhook endpoint are implemented with the specified business rules",
      "max_score": 7
    }
  ]
}

evals

scenario-3

criteria.json

task.md

tile.json