
tessl-labs/fastapi-security-basics

Security defaults that belong in every FastAPI application from day one.

93

Quality: 90% (Does it follow best practices?)

Impact: 98%, 7.00x (average score across 5 eval scenarios)

Security (by Snyk): Passed, no known issues


evals/scenario-1/task.md

Community Forum API

Problem/Feature Description

A startup is building a community forum. The frontend is a React single-page application hosted at https://forum.example.com, and the backend is a new FastAPI service on a separate domain. Users will post questions and answers through the frontend, which calls the API.

The same codebase needs to run in staging and production without code changes -- origins and hostnames differ per environment and should come from environment variables.

Output Specification

Produce a single Python file named main.py that:

  • Defines a FastAPI application
  • Includes at least two example API routes (e.g., GET /posts and POST /posts)
  • Allows the frontend at https://forum.example.com to call the API from the browser

The file should be complete and runnable (all imports present). You do not need to implement real database logic -- stubs or placeholder return values are fine.
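One way to meet the environment-variable requirement, as an added example that is not part of the task or of the tessl-labs package: the origin and host lists are read from two variables, validated at startup, and passed to FastAPI's CORS and trusted-host middleware. The variable names `ALLOWED_ORIGINS` and `ALLOWED_HOSTS`, the comma-separated format and the `create_app` factory are assumptions.

```python
import os
from urllib.parse import urlsplit


def parse_origins(raw):
    """Split a comma-separated list and accept only exact scheme://host[:port]
    origins, so a wildcard or a trailing slash fails at startup."""
    origins = []
    for item in (part.strip() for part in raw.split(",")):
        if not item:
            continue
        parts = urlsplit(item)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            raise ValueError(f"not an http(s) origin: {item!r}")
        if "*" in item or parts.path or parts.query or parts.fragment:
            raise ValueError(f"origin must be exact: {item!r}")
        origins.append(item)
    if not origins:
        raise ValueError("ALLOWED_ORIGINS is empty")
    return origins


def parse_hosts(raw):
    """Host header allowlist; a bare '*' would disable the check, so reject it."""
    hosts = [h.strip() for h in raw.split(",") if h.strip()]
    if not hosts or "*" in hosts:
        raise ValueError("ALLOWED_HOSTS must list explicit hostnames")
    return hosts


def create_app(env=os.environ):
    # Imported here so the parsers above can be unit-tested without FastAPI.
    from fastapi import FastAPI
    from fastapi.middleware.cors import CORSMiddleware
    from fastapi.middleware.trustedhost import TrustedHostMiddleware

    app = FastAPI()
    # Assumed variable names; a missing variable raises KeyError at startup.
    app.add_middleware(TrustedHostMiddleware,
                       allowed_hosts=parse_hosts(env["ALLOWED_HOSTS"]))
    app.add_middleware(CORSMiddleware,
                       allow_origins=parse_origins(env["ALLOWED_ORIGINS"]),
                       allow_methods=["GET", "POST"],
                       allow_headers=["Content-Type"])

    @app.get("/posts")
    def list_posts():
        return []  # stub: no database

    @app.post("/posts", status_code=201)
    def create_post(post: dict):
        return post  # stub: echo the submitted post

    return app
```

Saved as main.py, this runs with `uvicorn main:create_app --factory` once both variables are set, for example `ALLOWED_ORIGINS=https://forum.example.com`.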
