
tessl/pypi-safety

Scan dependencies for known vulnerabilities and licenses.

Overall score: 61%


evals/scenario-2/task.md

Vulnerability Report Formatter

Build a command-line tool that generates vulnerability scan reports in multiple output formats for a Python dependency scanner.

Requirements

Your tool should accept vulnerability scan data and output it in different formats suitable for various use cases:

  1. JSON Format: Structured data output for programmatic consumption and CI/CD integration
  2. Screen Format: Human-readable terminal output with clear visual hierarchy
  3. Text Format: Plain text reports suitable for logging or file storage

Input Data Structure

The input will be a Python dictionary containing:

  • vulnerabilities: List of vulnerability objects, each with:
    • package_name: Name of the affected package (string)
    • vulnerability_id: Unique identifier (string, e.g., "SAFETY-12345")
    • severity: Severity level (string: "CRITICAL", "HIGH", "MEDIUM", "LOW")
    • affected_version: Currently installed version (string)
    • fixed_version: Version that fixes the vulnerability (string or None)
    • description: Brief description of the vulnerability (string)

Output Format Requirements

JSON Format

  • Must produce valid, parsable JSON
  • Include all vulnerability fields
  • Use consistent indentation (2 spaces)
  • Group vulnerabilities by package name

Screen Format

  • Display a summary header showing total vulnerabilities found
  • Group vulnerabilities by severity level (CRITICAL first, then HIGH, MEDIUM, LOW)
  • Use visual separators between vulnerability entries
  • Highlight package names and vulnerability IDs
  • Keep output concise and scannable

Text Format

  • Plain text output (no special characters or formatting)
  • One vulnerability per section
  • Include all fields in a readable format
  • Use clear labels for each field

Command-Line Interface

Implement a simple CLI that:

  • Reads vulnerability data from a JSON file specified as a command-line argument
  • Accepts a format option (json/screen/text) via command-line argument
  • Outputs the formatted report to stdout

Test Cases

  • Formatting a list with 3 vulnerabilities as JSON produces valid, parsable JSON with all vulnerability fields present @test

  • Formatting vulnerabilities as screen output displays CRITICAL severity items before LOW severity items @test

  • Formatting an empty vulnerability list as text output returns "No vulnerabilities found" @test

@generates

API

def format_json(vulnerabilities: list[dict]) -> str:
    """
    Format vulnerability data as JSON string.

    Args:
        vulnerabilities: List of vulnerability dictionaries

    Returns:
        JSON-formatted string with proper indentation
    """
    pass

def format_screen(vulnerabilities: list[dict]) -> str:
    """
    Format vulnerability data for terminal display.

    Args:
        vulnerabilities: List of vulnerability dictionaries

    Returns:
        Human-readable formatted string suitable for terminal output
    """
    pass

def format_text(vulnerabilities: list[dict]) -> str:
    """
    Format vulnerability data as plain text.

    Args:
        vulnerabilities: List of vulnerability dictionaries

    Returns:
        Plain text formatted string
    """
    pass

def main():
    """
    CLI entry point that parses arguments and invokes appropriate formatter.
    """
    pass
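
A minimal sketch of the three formatters against the test cases above. This is an added example, not the tile's or the safety project's own code: it uses only the standard library, omits the CLI and colour highlighting, and the `_clean` helper (which strips non-printable characters from advisory text before it reaches a terminal or log) is an assumption beyond the stated requirements.

```python
import json
from collections import defaultdict

SEVERITY_ORDER = ["CRITICAL", "HIGH", "MEDIUM", "LOW"]
FIELDS = ["package_name", "vulnerability_id", "severity",
          "affected_version", "fixed_version", "description"]


def _clean(value) -> str:
    # Advisory text is untrusted input: drop control characters (ESC, CR, LF)
    # so a description cannot inject terminal escapes or forge report lines.
    return "".join(ch for ch in str(value) if ch.isprintable())


def format_json(vulnerabilities: list[dict]) -> str:
    # Group by package name; json.dumps does the escaping, so no _clean here.
    grouped = defaultdict(list)
    for vuln in vulnerabilities:
        grouped[vuln["package_name"]].append({f: vuln.get(f) for f in FIELDS})
    return json.dumps(grouped, indent=2, sort_keys=True)


def format_screen(vulnerabilities: list[dict]) -> str:
    def rank(vuln):  # unknown severities sort after LOW instead of raising
        sev = vuln.get("severity")
        return SEVERITY_ORDER.index(sev) if sev in SEVERITY_ORDER else len(SEVERITY_ORDER)
    lines = [f"{len(vulnerabilities)} vulnerabilities found", "=" * 40]
    for vuln in sorted(vulnerabilities, key=rank):  # stable within a level
        fix = vuln.get("fixed_version") or "no fix available"
        lines += [
            f"[{_clean(vuln.get('severity'))}] {_clean(vuln['package_name'])} "
            f"({_clean(vuln['vulnerability_id'])})",
            f"  installed {_clean(vuln['affected_version'])}, fixed in {_clean(fix)}",
            f"  {_clean(vuln['description'])}",
            "-" * 40,
        ]
    return "\n".join(lines)


def format_text(vulnerabilities: list[dict]) -> str:
    if not vulnerabilities:
        return "No vulnerabilities found"
    sections = ["\n".join(f"{field}: {_clean(vuln.get(field))}" for field in FIELDS)
                for vuln in vulnerabilities]
    return "\n\n".join(sections)
```
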

Dependencies { .dependencies }

safety { .dependency }

Provides vulnerability scanning and report formatting capabilities for Python dependencies.

@satisfied-by

Install with Tessl CLI

npx tessl i tessl/pypi-safety
