tessl/pypi-yara-python

Python interface for YARA, a powerful malware identification and classification tool

Overall
score

85%

Evaluation — 85%

↓ 0.94x

Agent success when using this tile

Overview

Eval results

Files

{
  "context": "This criteria evaluates how well the engineer uses the yara-python package to compile YARA rules from a file path and scan data for matches. The focus is on correct usage of yara.compile() with filepath parameter and proper match result processing.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Uses yara.compile()",
      "description": "The load_rules() function uses yara.compile() with the filepath parameter to compile rules from a file",
      "max_score": 25
    },
    {
      "name": "Filepath parameter usage",
      "description": "The filepath parameter is correctly passed to yara.compile() (e.g., yara.compile(filepath=filepath) or yara.compile(filepath='path'))",
      "max_score": 20
    },
    {
      "name": "Returns compiled object",
      "description": "The load_rules() function returns the Rules object returned by yara.compile()",
      "max_score": 10
    },
    {
      "name": "Uses match() method",
      "description": "The scan_data() function calls the match() method on the compiled Rules object",
      "max_score": 20
    },
    {
      "name": "Data parameter usage",
      "description": "The data parameter is correctly passed to the match() method (e.g., rules.match(data=data))",
      "max_score": 10
    },
    {
      "name": "Extracts rule names",
      "description": "The scan_data() function accesses the .rule or .namespace attribute of match objects to extract rule names",
      "max_score": 15
    }
  ]
}

Install with Tessl CLI

npx tessl i tessl/pypi-yara-python

tessl/pypi-yara-python

rubric.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-3/

rubric.jsonevals/scenario-3/