Security & Testing Agent Skills

CORS Policy Validator

Analyzes and validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure compliant web application access.

Project Dependency Auditor

Analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple ecosystems.

Chaos Engineering & Resilience Toolkit

Designs and executes controlled failure experiments to identify system weaknesses and validate infrastructure resilience.

API Security Fuzzer

Automates security fuzz testing for REST APIs to identify vulnerabilities like SQL injection, XSS, and input validation failures.

Accessibility Test Scanner

Performs automated accessibility audits to ensure WCAG compliance and improve web application inclusivity.

Accessibility Test Scanner

Performs comprehensive web accessibility audits to ensure WCAG compliance, ARIA validation, and inclusive user experiences.

API Fuzzing & Security Tester

Automates security fuzz testing for REST APIs to identify vulnerabilities, crashes, and input validation flaws through malformed payloads.

Access Control Auditor

Audits and identifies vulnerabilities in access control implementations across cloud environments and applications.

Access Control Auditor

Audits IAM policies, network ACLs, and application permissions to identify security vulnerabilities and misconfigurations.

Overnight Development

Automates software development cycles using Git hooks and test-driven development (TDD) for autonomous, high-quality coding sessions.

Test-Driven Development (TDD) Suite

Implements systematic Test-Driven Development using the Red-Green-Refactor-Commit cycle and Baby Steps methodology to ensure high-quality, reliable code.

Access Control Auditor

Audits access control implementations and IAM policies to identify security vulnerabilities, misconfigurations, and privilege escalation risks.

Compliance Report Generator

Automates the generation of detailed security compliance reports and documentation for frameworks like PCI DSS, HIPAA, and SOC 2.

Dapr Security Scanner

Audits Dapr component configurations for security vulnerabilities, hardcoded secrets, and compliance with infrastructure best practices.

OWASP Security Reviewer

Conducts comprehensive security audits and vulnerability detection based on the OWASP Top 10 framework.

Security Audit Reporter

Generates comprehensive security audit reports and compliance assessments to identify vulnerabilities and prioritize system remediation.

Dapr Middleware Validator

Validates Dapr HTTP middleware configurations to ensure security best practices, correct pipeline ordering, and proper secret management.

Spring Boot Security Implementation

Implements secure authentication and authorization patterns for Spring Boot 4 using Spring Security 7's mandatory Lambda DSL.

Vue.js Testing Best Practices

Implement robust test suites for Vue.js applications using Vitest, Vue Test Utils, and Playwright with industry-standard patterns.

BDD Requirements Manager

Generates standardized BDD requirements in Gherkin format with deep domain integration and automated documentation.

Binary Analysis & Reverse Engineering

Analyzes binary files and firmware to extract strings, identify file signatures, and explore raw data using industry-standard tools.

Test Data Generator

Generates realistic, schema-compliant test data for software development, database population, and automated testing scenarios.

Security Audit & Compliance Pro

Conducts comprehensive security audits, vulnerability scans, and compliance checks across codebases and infrastructure configurations.

Atelier Testing & TDD

Implements a robust stub-driven TDD workflow and layer boundary testing for functional core and effectful edge architectures.

Data Privacy & Compliance Scanner

Scans codebases and configuration files to identify PII leaks, privacy vulnerabilities, and regulatory compliance risks like GDPR and HIPAA.

Dependency Security & Version Checker

Analyzes project dependencies to identify security vulnerabilities, outdated packages, and license compliance issues across multiple package managers.

Test-Driven Development (TDD)

Enforces a rigorous Red-Green-Refactor workflow by requiring mandatory failing tests and execution evidence before any production code is written.

Frontend E2E User Journeys

Automates critical frontend user workflows using resilient end-to-end testing patterns and the Page Object Model.

Completion Verification Gate

Enforces rigorous quality standards by requiring mandatory evidence-based verification and TDD certification before any task is marked complete.

Defense-in-Depth Validation

Implements a multi-layered validation strategy to eliminate data-driven failures and make bugs structurally impossible.