CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl-labs/tessl-skill-review-ci

Implements Tessl skill review CI/CD pipelines through an interactive, configuration-first wizard. Supports GitHub Actions, Jenkins, and Azure DevOps.

70

0.67x
Quality

90%

Does it follow best practices?

Impact

50%

0.67x

Average score across 6 eval scenarios

SecuritybySnyk

Advisory

Suggest reviewing before use

Overview
Quality
Evals
Security
Files

criteria.jsonevals/scenario-4/

{
  "context": "scenario-1",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "C01",
      "description": "Two workflow files exist: a main review workflow and a comment workflow, both under ~/project/.github/workflows/.",
      "max_score": 7
    },
    {
      "name": "C02",
      "description": "The main review workflow does NOT include 'pull-requests: write' in its permissions (since fork PRs must not get write access).",
      "max_score": 7
    },
    {
      "name": "C03",
      "description": "The comment workflow is triggered by 'workflow_run' referencing the main review workflow name.",
      "max_score": 7
    },
    {
      "name": "C04",
      "description": "The comment workflow has 'pull-requests: write' permission (and 'actions: read').",
      "max_score": 7
    },
    {
      "name": "C05",
      "description": "Both workflows use 'develop' as the target branch in all branch references (not 'main'). This includes trigger branches and refs/heads/ references.",
      "max_score": 8
    },
    {
      "name": "C06",
      "description": "Trigger paths include '**/SKILL.md' and '**/skills/**'.",
      "max_score": 7
    },
    {
      "name": "C07",
      "description": "The review workflow contains a score quality gate that checks if AVG_SCORE is less than 70 and sets FAILED=1 or exits with error if below threshold.",
      "max_score": 8
    },
    {
      "name": "C08",
      "description": "The PR comment footer text mentions the 70% threshold (e.g., 'skills scoring below 70% will fail the check') instead of the default informational message.",
      "max_score": 8
    },
    {
      "name": "C09",
      "description": "The main review workflow saves the PR number to an artifact file (e.g., pr-comment/pr_number or similar) and the comment body to another artifact file.",
      "max_score": 8
    },
    {
      "name": "C10",
      "description": "The comment workflow downloads the PR comment artifact and reads the PR number and comment body from the artifact files.",
      "max_score": 8
    },
    {
      "name": "C11",
      "description": "A cache file exists at ~/project/.github/.tessl/skill-review-cache.json with valid JSON containing 'version', 'last_updated', and 'skills' keys.",
      "max_score": 8
    },
    {
      "name": "C12",
      "description": "The cache commit job/step references 'develop' (not 'main') for the push condition and push target.",
      "max_score": 7
    },
    {
      "name": "C13",
      "description": "The PR comment body includes the '<!-- tessl-skill-review -->' HTML marker for comment identification.",
      "max_score": 6
    },
    {
      "name": "C14",
      "description": "The workflow uses actions/checkout pinned to a full SHA hash (e.g. actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5) with fetch-depth: 0 and sets up Node.js 20.",
      "max_score": 4
    }
  ]
}

evals

scenario-4

criteria.json

task.md

azure-devops.md

circleci.md

github-actions.md

gitlab-ci.md

jenkins.md

README.md

SKILL.md

tessl-skill-review-ci-review.md

TESTING.md

tile.json