
tessl/pypi-safety

Scan dependencies for known vulnerabilities and licenses.

Overall score: 61%


evals/scenario-3/task.md

Dependency Vulnerability Checker

Build a Python application that scans Python project dependencies for known security vulnerabilities and generates a structured report.

Requirements

Your application should:

  1. Accept a path to a Python requirements file as input
  2. Scan the dependencies listed in the file for known security vulnerabilities
  3. Generate a structured report containing:
    • Total number of vulnerabilities found
    • List of vulnerable packages with their versions
    • Severity levels for each vulnerability
    • CVE identifiers where available
  4. Output the report in JSON format

Capabilities

Vulnerability Detection

  • Scanning a requirements file with no vulnerable packages returns zero vulnerability count @test
  • Scanning a requirements file with known vulnerable packages (e.g., django==2.2.0) detects the vulnerabilities @test
  • The scan results include severity levels (CRITICAL, HIGH, MEDIUM, LOW) for detected vulnerabilities @test

Error Handling

  • Scanning a non-existent file raises FileNotFoundError @test

Report Formatting

  • The formatted report is valid JSON and contains all required fields @test

Implementation

@generates

API

def scan_dependencies(requirements_file: str) -> dict:
    """
    Scans a requirements file for vulnerabilities.

    Args:
        requirements_file: Path to the requirements file to scan

    Returns:
        A dictionary containing:
        - 'vulnerability_count': int - Total number of vulnerabilities found
        - 'vulnerable_packages': list - List of dicts with package details
        - 'scan_timestamp': str - ISO timestamp of when scan was performed

    Raises:
        FileNotFoundError: If the requirements file doesn't exist
        ValueError: If the requirements file format is invalid
    """
    pass

def format_report(scan_results: dict) -> str:
    """
    Formats scan results as a JSON string.

    Args:
        scan_results: Dictionary returned from scan_dependencies()

    Returns:
        JSON-formatted string of the scan results
    """
    pass
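An added reference implementation of the two-function API above (example code, not the tile's own): it uses a small constructed advisory table in place of the safety database, marks its CVE value as a placeholder, and assumes only pinned `name==version` lines are valid input.

```python
import json
import os
import re
from datetime import datetime, timezone

# Constructed sample advisories (example data, not safety's): the real tile
# would query the safety vulnerability database instead of this table.
# The CVE value is an obvious placeholder, not a real identifier.
SAMPLE_ADVISORIES = {
    "django": [{"affected": {"2.2.0"}, "severity": "HIGH", "cve": "CVE-EXAMPLE-0001"}],
}

# Assumption: only pinned "name==version" lines are accepted; an environment
# marker (";...") or comment ("#...") after the pin is ignored.
REQ_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s;#]+)")

def parse_requirements(requirements_file: str) -> list:
    """Return (name, version) pairs; raise on a missing file or an unpinned line."""
    if not os.path.isfile(requirements_file):
        raise FileNotFoundError(requirements_file)
    pins = []
    with open(requirements_file, encoding="utf-8") as fh:
        for lineno, raw in enumerate(fh, 1):
            line = raw.split("#", 1)[0].strip()
            if not line:
                continue  # blank line or comment-only line
            match = REQ_LINE.match(line)
            if not match:
                raise ValueError(f"line {lineno}: expected name==version, got {line!r}")
            pins.append((match.group(1).lower(), match.group(2)))
    return pins

def scan_dependencies(requirements_file: str) -> dict:
    """Match each pin against the advisory table and build the report dict."""
    vulnerable = []
    for name, version in parse_requirements(requirements_file):
        for adv in SAMPLE_ADVISORIES.get(name, []):
            if version in adv["affected"]:
                vulnerable.append({"package": name, "version": version,
                                   "severity": adv["severity"], "cve": adv["cve"]})
    return {
        "vulnerability_count": len(vulnerable),
        "vulnerable_packages": vulnerable,
        "scan_timestamp": datetime.now(timezone.utc).isoformat(),
    }

def format_report(scan_results: dict) -> str:
    """Serialise the scan results as indented JSON with stable key order."""
    return json.dumps(scan_results, indent=2, sort_keys=True)
```

The scan exercises the three contract points the capabilities list names: a zero count on a clean file, a populated report for django==2.2.0, and FileNotFoundError (or ValueError for an unpinned line) on bad input.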

Dependencies { .dependencies }

safety { .dependency }

Provides vulnerability scanning capabilities for Python dependencies.

@satisfied-by

Install with Tessl CLI

npx tessl i tessl/pypi-safety
