{
  "context": "This criteria evaluates how effectively the engineer uses the yara-python package to implement a malware scanner that compiles rules from files and scans target files for pattern matches. The focus is on correct usage of yara.compile(), Rules.match(), and proper handling of match result objects.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Rule Compilation",
      "description": "Uses yara.compile() with the filepath parameter to load and compile rules from a file path. Does not use source parameter or other compilation methods when compiling from files.",
      "max_score": 25
    },
    {
      "name": "File Scanning",
      "description": "Uses the match() method on the compiled Rules object with the filepath parameter to scan files. Does not load file contents manually or use the data parameter when scanning files by path.",
      "max_score": 25
    },
    {
      "name": "Match Result Access",
      "description": "Accesses match result properties correctly, specifically using match.rule to get the rule name and match.strings to get matched string information. Does not attempt to access non-existent properties or use incorrect attribute names.",
      "max_score": 25
    },
    {
      "name": "Error Handling",
      "description": "Properly handles yara.Error or its subclasses (such as yara.SyntaxError) for compilation errors and file-related errors during scanning. Allows exceptions to propagate appropriately rather than suppressing them.",
      "max_score": 15
    },
    {
      "name": "Multiple File Processing",
      "description": "Implements multiple file scanning by iterating over file paths and calling match() for each file, properly collecting and organizing results. Does not attempt to use non-existent batch scanning methods.",
      "max_score": 10
    }
  ]
}