Security & Testing Agent Skills

PopKit Architecture Auditor

Evaluates and validates software architecture using metrics for code duplication, coupling, cohesion, and SOLID principles.

Security Scan & Issue Tracker

Performs automated security vulnerability audits and synchronizes findings with GitHub issues for streamlined remediation.

Hookify Rule Configuration

Guides users in creating and managing custom guardrails and automated patterns using the Hookify framework for Claude Code.

PCI Compliance Guide

Implements and enforces PCI DSS security standards for secure payment processing and cardholder data management.

Temporal Python Testing

Streamlines the testing of Temporal workflows and activities using pytest, time-skipping, and advanced mocking strategies.

Accessibility Audit Pro

Audits code for WCAG 2.1 AA and EN 301 549 compliance to ensure inclusive and accessible web experiences.

WCAG 2.1 AA Accessibility Validator

Validates Moodle templates, JavaScript, and CSS for WCAG 2.1 Level AA accessibility compliance and best practices.

Deep Investigation Protocol

Conducts rigorous, multi-layered research to verify corporate claims and product reliability beyond marketing hype.

Debugging Strategies

Implements systematic debugging workflows, profiling techniques, and root cause analysis to resolve complex software issues across any technology stack.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Fabric Native Patterns

Integrates Daniel Miessler’s Fabric patterns natively into Claude Code for seamless content analysis, security auditing, and wisdom extraction.

Testing & Quality Assurance

Implements comprehensive testing strategies and quality assurance workflows using frameworks like JUnit, MockK, and Jest.

Solidity Smart Contract Security

Secures Ethereum smart contracts by implementing industry-standard patterns and identifying critical vulnerabilities like reentrancy and access control flaws.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Secure Authentication Patterns

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and RBAC to secure web applications and APIs.

LimaCharlie Threat Intel Integrator

Integrates real-time threat intelligence feeds and API-based lookups into LimaCharlie security operations and detection rules.

LimaCharlie API Integrator

Integrate with the LimaCharlie SecOps platform using REST APIs, Python SDK, or Go SDK for programmatic sensor management and data streaming.

LimaCharlie Performance & Cost Optimizer

Optimizes LimaCharlie deployments by reducing operational costs, tuning query performance, and implementing efficient resource management strategies.

Testing & Quality Implementation

Implements comprehensive automated testing strategies and quality assurance workflows across Kotlin, JavaScript, and Python environments.

Mobile App Pentesting

Conducts comprehensive security audits and penetration testing for Android and iOS mobile applications.

Web Application Security Testing

Equips Claude with expert penetration testing methodologies and specialized payloads to identify and exploit web application vulnerabilities.

Container Security & Escape Expert

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

Password Attacks & Credential Cracking

Conducts professional password hash cracking, credential spraying, and authentication brute-force attacks using industry-standard tools.

Initial Access Recon

Automates reconnaissance and intelligence gathering for offensive security assessments and attack surface mapping.

API Security Testing

Conducts comprehensive security audits and penetration tests on REST and GraphQL APIs to identify vulnerabilities like IDOR, injection, and authorization flaws.

Establishing Persistence Techniques

Implements and detects various methods for maintaining long-term access to compromised Windows, Linux, and cloud environments during security engagements.

Network Service Enumeration

Performs professional-grade discovery, enumeration, and security assessment of network services and database protocols.

Guardian Quality & Health Monitor

Monitors session health and codebase quality in real-time, automatically triggering focused sub-agents for code reviews and task planning.

Bulletproof React Auditor

Audits and refactors React applications using the Bulletproof React architecture to ensure scalable, maintainable, and production-grade codebases.

Pytest Pattern Enforcer

Enforces standardized pytest best practices including advanced fixtures, mocking strategies, and async test patterns.