tessl-labs/express-security-basics

Security defaults that belong in every Express application from day one.

6.18x

Quality

90%

Does it follow best practices?

Impact

99%

6.18x

Average score across 5 eval scenarios

Securityby

Passed

No known issues

Build a Todo API with Express

Name: tessl-labs/express-security-basics
Rating: 93.6 (1 reviews)
Author: tessl-labs

Problem/Feature Description

A small team needs a REST API for their todo application. The API should be built with Express and TypeScript. It will be consumed by a React frontend running on a separate domain. The backend will be deployed behind an nginx reverse proxy.

The API needs the following endpoints:

GET /api/todos -- list all todos
POST /api/todos -- create a new todo (accepts JSON body with title and optional description)
PATCH /api/todos/:id -- update a todo (toggle completed, edit title)
DELETE /api/todos/:id -- delete a todo

Use an in-memory array as the data store (no database required). Each todo should have id, title, description, completed, and createdAt fields.

Output Specification

Produce:

app.ts -- Express application with all middleware and route setup
routes/todos.ts -- Router module with the CRUD endpoint handlers
package.json -- With all required dependencies

evals

scenario-1

scenario-2

scenario-3

scenario-4

criteria.json

task.md

scenario-5

skills

verifiers

tile.json

tessl-labs/express-security-basics

task.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-4/

Build a Todo API with Express

Problem/Feature Description

Output Specification

task.mdevals/scenario-4/