Security &amp; Testing Agent Skills

Parse and process Static Analysis Results Interchange Format (SARIF) files to automate security audits and vulnerability management.

Security Fix Review

Verifies that git commits correctly address security audit findings without introducing new bugs or regressions.

Spec-to-Code Compliance Checker

Verifies that blockchain codebases align perfectly with their whitepapers and technical specifications through rigorous semantic mapping.

Sharp Edges Security Analysis

Identifies security footguns and error-prone API designs to ensure software is secure by default.

Vulnerability Scanner

897

Identifies security vulnerabilities in codebase, dependencies, and configurations to ensure robust application security.

Session Security Auditor

897

Analyzes web application session management to identify and mitigate critical security vulnerabilities.

Vercel Data Compliance & Privacy

897

Implements PII handling, data retention policies, and GDPR/CCPA compliance patterns for Vercel-based applications.

Code Injection Detector

Identifies and remediates code injection vulnerabilities using industry-standard security patterns and automated scanning.

Secret Scanner

Detects and remediates exposed secrets, API keys, and credentials within your codebase to prevent security breaches.

XSS Vulnerability Scanner

Scans web application code to detect and remediate reflected, stored, and DOM-based cross-site scripting vulnerabilities.

CSRF Security Validator

Automates the identification and remediation of Cross-Site Request Forgery (CSRF) vulnerabilities across web applications and API endpoints.

API Fuzzing & Security Testing

Automates API fuzz testing to proactively identify security vulnerabilities, edge cases, and unexpected system crashes.

Performance Test Suite

Executes comprehensive load, stress, and benchmark tests to evaluate system stability and resource efficiency.

Snapshot Test Manager

Automates the creation, validation, and management of UI component snapshots for robust regression testing.

Plugin Auditor

Audits AI assistant code plugins for security vulnerabilities, best practices, and standard compliance.

Python Unittest Creator

Generates production-ready Python unit tests and test configurations using industry-standard best practices.

SOC2 Compliance Checker

887

Automates the evaluation of system configurations and codebases against SOC2 security and compliance standards.

Input Validation Scanner

Scans source code for security vulnerabilities like XSS and SQL injection by identifying unvalidated or unsanitized user input.

Input Validation Scanner

Scans source code to identify and mitigate input validation vulnerabilities like XSS, SQL injection, and command injection.

Input Validation Scanner

Scans source code to identify potential input validation vulnerabilities and injection risks before deployment.

CORS Policy Validator

Analyzes and validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure compliance with best practices.

CSRF Protection Validator

Analyzes web applications to identify and remediate Cross-Site Request Forgery (CSRF) vulnerabilities across all endpoints.

Data Privacy Scanner

Scans source code and configurations to detect PII leaks, compliance violations, and data privacy vulnerabilities.

Container Security Scanner

Scans container images and running environments for vulnerabilities using industry-standard security tools like Trivy and Snyk.

API Contract & Pact Testing

Automates API contract validation and consumer-driven testing using Pact and OpenAPI to ensure backend compatibility.

Data Encryption & Security Adapter

Protects sensitive information by automating data encryption and decryption processes within Claude.

API Contract Testing & Validation

Validates API contracts and ensures service compatibility using consumer-driven testing and OpenAPI specifications.

Automated API Testing Suite