Security & Testing Agent Skills

Automated Code Fixer

Executes targeted code fixes for issues identified in prior reviews using parallel subagents and automated verification.

HTML Injection Security Testing

Identifies and exploits HTML injection vulnerabilities to secure web applications against content manipulation and phishing attacks.

Privilege Escalation Methods

Provides specialized techniques and command patterns for escalating system privileges from low-level access to root or administrator status.

SQL Injection Security Testing

Conducts comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws in web applications.

SSH Penetration Testing

Conducts comprehensive security assessments of SSH services including enumeration, credential attacks, and vulnerability exploitation.

Pentest Commands Reference

Provides a comprehensive command reference for penetration testing tools including network scanning, exploitation, and vulnerability assessment.

Session Security Checker

Audits and secures session management implementations within your codebase to prevent vulnerabilities like session fixation and hijacking.

Security Scanning Tools

Provides expert guidance and command-line patterns for network discovery, vulnerability assessment, and security auditing across diverse environments.

Test Environment Manager

Orchestrates and manages isolated, reproducible test environments using Docker Compose and Testcontainers.

Wireshark Traffic Analysis

Performs comprehensive network packet capture, filtering, and protocol analysis for troubleshooting and security investigations.

Bats Shell Testing Patterns

Provides comprehensive patterns and best practices for writing automated unit tests for shell scripts using the Bats framework.

IDOR Vulnerability Testing Skill

Provides a systematic framework for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Broken Authentication Security Testing

Identifies and exploits authentication and session management vulnerabilities in web applications to prevent unauthorized access and account takeovers.

Web Application Testing

Tests local web applications using Playwright scripts with automated server lifecycle management and DOM inspection capabilities.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers to streamline software testing workflows.

Integration Test Runner

Automates the setup, execution, and cleanup of integration test suites including database orchestration and service management.

API Fuzzing & Bug Bounty Security

Performs comprehensive API security assessments using advanced fuzzing, IDOR exploitation, and GraphQL vulnerability discovery techniques.

Bible Widget Testing Assistant

Automates the validation and testing of embeddable Bible widgets, ensuring accurate scripture reference parsing and audio integration.

Agent Performance Evaluation

Builds robust evaluation frameworks and multi-dimensional rubrics to measure AI agent quality, accuracy, and efficiency.

Network 101: Service Lab Configuration

Configures and tests core network services like HTTP, HTTPS, SNMP, and SMB for penetration testing labs and security research.

Bitwarden for Claude Code

Manages secure passwords, secrets, and vault items directly through Claude Code using the Bitwarden CLI.

Privacy Review & Secret Scanner

Audits git repositories for sensitive data exposure to prevent accidental leaks of API keys, passwords, and credentials.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure reliable user journeys and zero regressions.

Nixtla Test Generator

Generates comprehensive pytest suites from functional requirements to automate test scaffolding for Nixtla-based plugins and pipelines.

Security Test Scanner

Automates comprehensive security vulnerability scans and penetration tests for applications and APIs using OWASP standards.

Hookify Rule Writing

Configures custom guardrails and automated notifications for Claude Code by defining event-driven patterns.

Test Data Generator

Generates realistic, schema-compliant test data to populate databases and simulate user behavior for comprehensive software testing.

.NET Unit Testing Patterns

Implements standardized unit testing architectures for .NET applications using xUnit, Moq, and FluentAssertions.

Senior QA & Test Automation

Automates the creation, analysis, and scaffolding of comprehensive test suites for modern web applications and microservices.

Assertion Helper

Generates precise, context-aware assertions for unit and integration tests by analyzing function logic and data structures.