
tessl-labs/fastapi-security-basics

Security defaults that belong in every FastAPI application from day one.

93

7.00x
Quality: 90% (Does it follow best practices?)

Impact: 98%, 7.00x (Average score across 5 eval scenarios)

Security by Snyk: Passed, no known issues


verifiers/fastapi-security-headers.json

{
  "instruction": "Add security headers middleware to FastAPI",
  "relevant_when": "Agent creates or modifies a FastAPI application, adds routes to a FastAPI app, or sets up a FastAPI project",
  "context": "Every FastAPI app must have a custom HTTP middleware that adds security headers to all responses: X-Content-Type-Options: nosniff, X-Frame-Options: DENY, X-XSS-Protection: 1; mode=block, and Referrer-Policy: strict-origin-when-cross-origin.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/fastapi-security-basics/SKILL.md",
      "tile": "tessl-labs/fastapi-security-basics@0.2.0"
    }
  ],
  "checklist": [
    {
      "name": "security-headers-middleware-exists",
      "rule": "Agent adds an @app.middleware('http') function that modifies response headers",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "x-content-type-options-set",
      "rule": "Agent sets X-Content-Type-Options header to 'nosniff' in the security headers middleware",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "x-frame-options-set",
      "rule": "Agent sets X-Frame-Options header to 'DENY' in the security headers middleware",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "referrer-policy-set",
      "rule": "Agent sets Referrer-Policy header to 'strict-origin-when-cross-origin' or stricter in the security headers middleware",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    },
    {
      "name": "call-next-invoked",
      "rule": "Agent calls await call_next(request) in the middleware and returns the response",
      "relevant_when": "Agent creates or modifies a FastAPI application"
    }
  ]
}
