Security & Testing Agent Skills

TypeScript Project Standards

Enforces strict TypeScript configurations and automated quality checks to ensure production-grade code consistency.

PHPStan Error Resolver

Automatically detects and resolves PHPStan static analysis errors by iteratively fixing type issues and code inconsistencies.

CCPM Code Review & Verification

Enforces rigorous quality verification gates and structured code reviews within the CCPM project management ecosystem.

Doppler Secrets Management

Streamlines secrets management and environment variable injection using the Doppler CLI for secure, scalable application development.

Verification Loop

Automates a multi-phase quality assurance pipeline to ensure code integrity, type safety, and security before deployment.

Security Auditor

Conducts comprehensive security audits, vulnerability assessments, and DevSecOps integrations to ensure robust application and infrastructure compliance.

WCAG Accessibility Audit

Conducts comprehensive WCAG 2.2 accessibility audits and provides remediation strategies to ensure web content compliance.

Property-Based Testing for Claude Code

Implements robust property-based testing patterns to verify code invariants and detect edge cases across multiple languages.

Auth Smoke Testing

Automates authentication and authorization smoke tests to validate security flows during release cycles.

AI-DLC Quality Backpressure

Enforces automated quality gates using Stop hooks to ensure AI-generated code passes tests, linting, and type checks before proceeding.

TLA+ Formal Specification

Architects and verifies complex distributed systems and concurrent algorithms using the TLA+ formal specification language.

Paranoid Security Auditor

Conducts rigorous, grounded security and quality audits of codebases, architectures, and deployments with built-in PII and injection guardrails.

GitLab Stack Secrets Manager

Manages secure Docker secrets for GitLab stack projects by enforcing proper storage, permissions, and migration from environment variables.

Quality Engineering Strategy

Implement comprehensive quality engineering practices across the software lifecycle, from automated testing to production observability.

Inspequte Rule Recovery

Resumes and completes JVM static analysis rule implementations that failed initial CI validation.

Ansible Testing & Linting

Automates Ansible playbook validation through comprehensive linting, syntax checking, and idempotency testing strategies.

Secret Detection & Credential Scanning

Protects repositories by automatically detecting leaked secrets, API keys, and credentials using Gitleaks integration.

IDAPython Scripting & Reverse Engineering

Automates IDA Pro reverse engineering tasks using modern Python APIs for disassembly, decompilation, and binary analysis.

Technical Debt Patterns for Rails

Identifies, categorizes, and prioritizes technical debt in Ruby on Rails applications using enterprise-grade metrics and detection patterns.

Electron E2E Testing & Automation

Automates and debugs Electron desktop applications using Chrome DevTools Protocol for comprehensive end-to-end testing of both renderer and main processes.

Systematic Debugging Strategies

Master systematic debugging techniques and root cause analysis to efficiently track down bugs across any technology stack.

Secure Auth Implementation Patterns

Implements robust authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and Role-Based Access Control.

TDD Red Phase Workflow

Generates comprehensive failing tests to define expected behavior and edge cases during the TDD red phase.

Web Application Testing

Automates local web application testing and UI verification using Playwright to ensure frontend quality and functionality.

Secure Flow

Integrates secure-by-default coding practices, threat modeling, and vulnerability remediation into the software development lifecycle.

Descope Authentication

Integrates secure, passwordless authentication and user management into web applications using Descope SDKs and Flows.

Skillpack Maintenance

Maintains and enhances existing skill packs through systematic domain analysis, structural reviews, and behavioral gauntlet testing using subagents.

Security Scan

Performs deep, whole-codebase security audits using extensive context windows to detect vulnerabilities, logic flaws, and cross-module data flow issues.

Advanced Error Resolution

Diagnoses software errors through root cause analysis and automates verified bug fixes using Codex delegation.

Design by Contract

Automates the planning, implementation, and verification of formal software contracts across multiple programming languages to ensure runtime correctness.