or run

tessl search
Log in

Version

Workspace
tessl
Visibility
Public
Created
Last updated
Describes

pkg:github/python/cpython@v3.13.2

evals

scenario-10

rubric.jsontask.md
tile.json

tessl/github-python--cpython

tessl install tessl/github-python--cpython@3.13.0

CPython is the reference implementation of the Python programming language providing the core interpreter, runtime system, and comprehensive standard library.

Agent Success

Agent success rate when using this tile

96%

Improvement

Agent success rate improvement when using this tile compared to baseline

1.07x

Baseline

Agent success rate without this tile

90%

rubric.jsonevals/scenario-10/

{
  "context": "Evaluates how solutions rely on Python's standard security primitives for randomness, hashing, key derivation, and message authentication. Scoring checks for correct use of hashlib, hmac, and secrets APIs that align with the spec's deterministic outputs and integrity requirements.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Secure randomness",
      "description": "generate_session_token draws entropy with secrets.token_urlsafe or secrets.token_bytes (not random/uuid) honoring the requested byte count before encoding.",
      "max_score": 20
    },
    {
      "name": "Token encoding",
      "description": "Token output stays URL-safe (base64url or equivalent), keeps or exceeds the expected length for 24 bytes of entropy, and avoids manual padding/truncation that would reduce randomness.",
      "max_score": 10
    },
    {
      "name": "File digest",
      "description": "file_hex_digest builds a digest with hashlib.sha256 or hashlib.new('sha256'), reading file bytes (chunked or all at once) and returning the hexdigest from the hashlib object.",
      "max_score": 20
    },
    {
      "name": "Password KDF",
      "description": "derive_key_from_password uses hashlib.pbkdf2_hmac('sha256', password, salt, iterations, dklen=key_length) to reproduce the specified 32-byte output for the given salt and iteration count.",
      "max_score": 20
    },
    {
      "name": "Key check constant-time",
      "description": "verify_password_key recomputes the PBKDF2 output and compares it to expected_key with hmac.compare_digest or secrets.compare_digest instead of direct equality.",
      "max_score": 10
    },
    {
      "name": "HMAC signing",
      "description": "sign_message creates a MAC via hmac.new(key, message, hashlib.sha256) (or the algorithm argument mapped through hashlib) and returns the raw digest bytes.",
      "max_score": 10
    },
    {
      "name": "Signature verification",
      "description": "verify_message recomputes the HMAC with the same digestmod and validates it with hmac.compare_digest so tampered messages are rejected.",
      "max_score": 10
    }
  ]
}