CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/pypi-yara-python

Python interface for YARA, a powerful malware identification and classification tool

Overall
score

85%

Evaluation85%

 0.94x

Agent success when using this tile

Overview
Eval results
Files

task.mdevals/scenario-7/

Malware Scanner Service

Build a malware scanning service that efficiently scans files using pre-compiled YARA rules.

Requirements

Your service must support the following operations:

  1. Load pre-compiled rules: The service should load YARA rules from a pre-compiled binary file (not from source).

  2. Scan files: Accept a file path and scan it against the loaded rules, returning all matches.

  3. Return match information: For each matched rule, return:

    • The rule name
    • The namespace (if present)
    • Any tags associated with the rule

Input/Output Specification

Scanner Initialization

The scanner should be initialized with the path to a pre-compiled YARA rules file.

Scan Operation

  • Input: A file path to scan
  • Output: A list of dictionaries, where each dictionary contains:
    • "rule": The name of the matched rule (string)
    • "namespace": The namespace of the rule (string, or empty string if none)
    • "tags": A list of tags associated with the rule (list of strings, empty list if no tags)

If no rules match, return an empty list.

Test Cases

  • Given a pre-compiled rules file, loading it successfully initializes the scanner without errors. @test

  • Scanning a file that matches a rule returns the correct rule name, namespace, and tags. @test

  • Scanning a file that doesn't match any rules returns an empty list. @test

Implementation

@generates

API

class MalwareScanner:
    """Scanner that uses pre-compiled YARA rules to detect malware."""

    def __init__(self, compiled_rules_path: str):
        """
        Initialize the scanner with pre-compiled YARA rules.

        Args:
            compiled_rules_path: Path to the pre-compiled YARA rules file
        """
        pass

    def scan_file(self, file_path: str) -> list[dict]:
        """
        Scan a file against the loaded rules.

        Args:
            file_path: Path to the file to scan

        Returns:
            A list of dictionaries with keys: 'rule', 'namespace', 'tags'
            Each dictionary represents a matched rule.
            Returns empty list if no matches.
        """
        pass

Dependencies { .dependencies }

yara-python { .dependency }

Provides YARA pattern matching capabilities for malware detection.

Install with Tessl CLI

npx tessl i tessl/pypi-yara-python

evals

scenario-7

rubric.json

task.md

tile.json