tessl/pypi-yara-python

Python interface for YARA, a powerful malware identification and classification tool

Overall
score

85%

Evaluation — 85%

↓ 0.94x

Agent success when using this tile

Overview

Eval results

Files

{
  "context": "This evaluation assesses how effectively the engineer uses yara-python's match result processing API to extract comprehensive information from scan results. The focus is on proper utilization of Match objects, string match inspection, and instance data extraction capabilities.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "Match Execution",
      "description": "Correctly calls the rules.match() method to execute YARA scans and obtain match results",
      "max_score": 8
    },
    {
      "name": "Match Object Iteration",
      "description": "Properly iterates over the list of match objects returned from rules.match()",
      "max_score": 8
    },
    {
      "name": "Rule Name Access",
      "description": "Accesses the match.rule attribute to extract the name of the matched rule",
      "max_score": 10
    },
    {
      "name": "Namespace Access",
      "description": "Accesses the match.namespace attribute to extract the rule's namespace",
      "max_score": 10
    },
    {
      "name": "Tags Access",
      "description": "Accesses the match.tags attribute to retrieve the list of tags associated with the matched rule",
      "max_score": 8
    },
    {
      "name": "Metadata Access",
      "description": "Accesses the match.meta attribute to retrieve the metadata dictionary from the matched rule",
      "max_score": 8
    },
    {
      "name": "String Matches Access",
      "description": "Accesses the match.strings attribute to iterate over matched string patterns in the rule",
      "max_score": 10
    },
    {
      "name": "String Identifier",
      "description": "Accesses the string.identifier attribute for each matched string to get its name (e.g., '$a', '$pattern')",
      "max_score": 10
    },
    {
      "name": "Instance Iteration",
      "description": "Iterates over string.instances to access individual occurrences where the pattern was found",
      "max_score": 10
    },
    {
      "name": "Instance Offset",
      "description": "Accesses the instance.offset attribute to get the byte offset of each match",
      "max_score": 4
    },
    {
      "name": "Instance Data",
      "description": "Accesses the instance.matched_data attribute to retrieve the actual matched bytes",
      "max_score": 4
    },
    {
      "name": "Instance Length",
      "description": "Accesses the instance.length attribute or calculates length from matched_data to determine match size",
      "max_score": 5
    },
    {
      "name": "Data Structure",
      "description": "Organizes extracted match information into the specified nested dictionary structure with total_matches, matches array, and proper nesting of strings and instances",
      "max_score": 5
    }
  ]
}

Install with Tessl CLI

npx tessl i tessl/pypi-yara-python

tessl/pypi-yara-python

rubric.json.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-8/

rubric.jsonevals/scenario-8/