tessl-labs/fastapi-security-basics

Security defaults that belong in every FastAPI application from day one.

Score: 93

Quality: 90% (does it follow best practices?)

Impact: 98%

7.00x average score across 5 eval scenarios

Security (by Snyk): Passed, no known issues


verifiers/fastapi-rate-limiting.json

{
  "instruction": "Add rate limiting with slowapi to all API endpoints",
  "relevant_when": "Agent creates or modifies a FastAPI application, adds routes to a FastAPI app, or sets up a FastAPI project",
  "context": "Every FastAPI API must have rate limiting via slowapi. Use get_remote_address as key function, assign limiter to app.state, add RateLimitExceeded handler returning 429, and apply @limiter.limit() to routes with stricter limits on auth and mutation endpoints.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/fastapi-security-basics/SKILL.md",
      "tile": "tessl-labs/fastapi-security-basics@0.2.0"
    }
  ],
  "checklist": [
    {
      "name": "slowapi-installed",
      "rule": "Agent includes slowapi in dependencies or imports slowapi (Limiter, get_remote_address, RateLimitExceeded)",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "limiter-uses-get-remote-address",
      "rule": "Agent creates Limiter with key_func=get_remote_address",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "limiter-on-app-state",
      "rule": "Agent assigns app.state.limiter = limiter",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "rate-limit-exceeded-handler",
      "rule": "Agent adds an exception handler for RateLimitExceeded that returns status code 429 with error code 'RATE_LIMITED'",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "rate-limit-decorator-on-routes",
      "rule": "Agent applies @limiter.limit() decorator to API route handlers",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "stricter-limits-on-mutations",
      "rule": "Agent applies stricter rate limits to POST/mutation endpoints and auth endpoints than to GET/read endpoints",
      "relevant_when": "Agent creates a FastAPI application with both read and write endpoints"
    }
  ]
}
