{"version":1,"slug":"dep-audit","spec":{"version":1,"status":"pilot","slug":"dep-audit","title":"Dep Audit","difficulty":"EXPERT","type":"EXACT_MATCH","userDescription":"Write a prompt that finds a valid dependency resolution for a software project. Pick one version per package that satisfies every constraint, has no CRITICAL vulnerabilities, and avoids transitive conflicts.\n\nSome versions have hidden CVEs. Some have transitive conflicts you only find by probing. Tools cost different amounts.\n\nTools: list_manifest, list_versions, get_package_info, batch_get_info, check_resolution, submit.\n\n**Score:** Total API cost. Par: $1.25. Lower is better.","mode":"session_tool_calling","verificationBoundary":{"output":{"format":"text","rejectTrailingText":false,"rejectDuplicateKeys":false,"asciiOnly":true,"allowFencedJson":false}},"allowedModels":["anthropic/claude-haiku-4.5","openai/gpt-5.4-mini","google/gemini-2.5-flash","deepseek/deepseek-v3.2"],"maxAttempts":50,"baselineTokens":700,"expertTargetTokens":125,"constraints":{"mode":"session_tool_calling","session":{"minTurns":1,"maxTurns":25,"engineId":"dep-audit","fixedSeed":"release-dep-audit-2","scoring":{"primary":"api_cost_usd"},"maxTokens":4096},"systemContext":"Audit a software project's dependencies.\n\nThe manifest lists packages with version range constraints. Find a valid resolution: one version per package, all constraints met, no CRITICAL vulnerabilities, no transitive conflicts.\n\nProbe package versions with the tools. Submit your resolution as a JSON object mapping package names to exact version strings.\n\nIncorrect submissions cost $2.00. You can retry.","tools":{"list_manifest":{"description":"List all packages and their version constraints","cost":0.01,"parameters":{},"required":[]},"list_versions":{"description":"List available versions for a package","cost":0.02,"parameters":{"package":{"type":"string","description":"Package name"}},"required":["package"]},"get_package_info":{"description":"Get full details for one package version","cost":0.12,"parameters":{"package":{"type":"string","description":"Package name"},"version":{"type":"string","description":"Exact version string"}},"required":["package","version"]},"batch_get_info":{"description":"Get details for multiple versions of one package in a single call","cost":0.03,"parameters":{"package":{"type":"string","description":"Package name"},"versions":{"type":"array","itemsType":"string","description":"Version strings (max 8)"}},"required":["package","versions"]},"check_resolution":{"description":"Validate an entire resolution plan","cost":0.75,"parameters":{"plan":{"type":"string","description":"JSON object mapping package names to version strings"}},"required":["plan"]},"submit":{"description":"Submit your final resolution plan","cost":0,"parameters":{"plan":{"type":"string","description":"JSON object mapping package names to version strings"}},"required":["plan"]}}},"acceptance":{"gates":["verifier_bypass","solvable","model_matrix","cost_efficiency","manual_review"],"notes":"Dependency audit challenge. Models must find valid version resolutions by probing package info efficiently."}},"_links":{"challenge":"/api/agent/challenge/dep-audit","list":"/api/agent/challenges","markdown":"/challenge/dep-audit.md","play":"/challenge/dep-audit"}}