CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl-labs/express-error-handling

Production error handling for Express APIs — error middleware, async wrappers,

89

2.02x
Quality

86%

Does it follow best practices?

Impact

97%

2.02x

Average score across 4 eval scenarios

SecuritybySnyk

Passed

No known issues

Overview
Quality
Evals
Security
Files

criteria.jsonevals/scenario-4/

{
  "context": "Tests whether the agent proactively adds error handling when building an API that calls an external service. The external service throws various errors (timeouts, service unavailable, not found) that should be caught and mapped to appropriate HTTP responses rather than leaked to the client.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Global error middleware",
      "description": "A centralized error-handling middleware with 4 arguments (err, req, res, next) is defined and registered after all routes",
      "max_score": 14
    },
    {
      "name": "Async error safety",
      "description": "The async route handler is wrapped so rejected promises are caught and forwarded to Express error handling -- asyncHandler wrapper, try/catch with next(err), or express-async-errors",
      "max_score": 14
    },
    {
      "name": "External errors mapped to HTTP responses",
      "description": "Errors from the weather service are caught and mapped to appropriate HTTP responses (e.g. ETIMEDOUT -> 504 or 502, service unavailable -> 502 or 503, city not found -> 404) rather than returning 500 for everything",
      "max_score": 15
    },
    {
      "name": "No raw error messages to client",
      "description": "Raw error messages from the external service (ETIMEDOUT, 'Service temporarily unavailable' internal string) are NOT forwarded verbatim to the client. Responses use safe, human-readable messages.",
      "max_score": 12
    },
    {
      "name": "Structured error format",
      "description": "Error responses use a consistent shape (e.g. { error: { code, message } }) across all error cases -- not different formats for different errors",
      "max_score": 12
    },
    {
      "name": "404 catch-all for unknown routes",
      "description": "Unknown routes return a JSON 404 response, not Express's default HTML 'Cannot GET /path' response",
      "max_score": 8
    },
    {
      "name": "Graceful shutdown",
      "description": "SIGTERM/SIGINT handlers are registered to close the server gracefully with server.close()",
      "max_score": 8
    },
    {
      "name": "Input validation",
      "description": "The city parameter is validated before calling the external service (e.g. non-empty check, reasonable format)",
      "max_score": 8
    },
    {
      "name": "Weather endpoint functional",
      "description": "The GET /api/weather/:city endpoint works correctly for valid cities -- returns weather data with appropriate status code",
      "max_score": 9
    }
  ]
}

evals

scenario-4

criteria.json

task.md

tile.json