tessl-skill-review-ci • tessl-labs • Registry • Tessl

Name: tessl-labs/tessl-skill-review-ci
Rating: 0.94 (1 reviews)
Author: tessl-labs

tessl-labs/tessl-skill-review-ci

Implements Tessl skill review CI/CD pipelines through an interactive, configuration-first wizard. Supports GitHub Actions, GitLab CI, Jenkins, Azure DevOps, and CircleCI.

1.75x

Quality

90%

Does it follow best practices?

Impact

100%

1.75x

Average score across 5 eval scenarios

{
  "context": "Tests whether the agent correctly implements the two-workflow architecture for a public repository, properly separating untrusted review from trusted commenting to protect secrets from fork PRs.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Two separate workflows",
      "description": "Creates two workflow files: one for review and one for commenting (not a single workflow)",
      "max_score": 12
    },
    {
      "name": "Review without PR write",
      "description": "The review workflow does NOT have pull-requests: write permission (runs in untrusted context)",
      "max_score": 10
    },
    {
      "name": "Comment via workflow_run",
      "description": "The comment workflow uses workflow_run trigger to run after the review workflow completes",
      "max_score": 10
    },
    {
      "name": "Artifact passing",
      "description": "Review results are passed from review workflow to comment workflow via artifacts (upload-artifact/download-artifact)",
      "max_score": 10
    },
    {
      "name": "Comment has PR write",
      "description": "The comment workflow has pull-requests: write permission (runs in trusted context)",
      "max_score": 8
    },
    {
      "name": "Security explanation",
      "description": "Security analysis explains that fork PRs cannot access secrets in the review workflow",
      "max_score": 10
    },
    {
      "name": "Trusted vs untrusted",
      "description": "Security analysis distinguishes between trusted context (comment workflow) and untrusted context (review workflow)",
      "max_score": 8
    },
    {
      "name": "Score diff tracking",
      "description": "Review workflow includes score comparison against cached previous scores",
      "max_score": 8
    },
    {
      "name": "Cache commit on main",
      "description": "Includes cache commit job that runs on push to main branch",
      "max_score": 8
    },
    {
      "name": "API key in checklist",
      "description": "Setup checklist mentions configuring TESSL_API_KEY as a repository secret",
      "max_score": 8
    },
    {
      "name": "Skip CI marker",
      "description": "Cache commits include [skip ci] to prevent pipeline re-triggering",
      "max_score": 8
    }
  ]
}

Install with Tessl CLI

npx tessl i tessl-labs/tessl-skill-review-ci

evals

scenario-1

scenario-2

scenario-3

scenario-4

scenario-5

tessl-labs/tessl-skill-review-ci

rubric.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-4/

rubric.jsonevals/scenario-4/