Security & Testing Agent Skills

Chaos Engineering & Resilience Toolkit

Designs and executes controlled failure experiments to identify system weaknesses and validate infrastructure resilience.

OWASP Security Reviewer

Conducts comprehensive security audits and vulnerability detection based on the OWASP Top 10 framework.

Security Audit Reporter

Generates comprehensive security audit reports and compliance assessments to identify vulnerabilities and prioritize system remediation.

Atelier Testing & TDD

Implements a robust stub-driven TDD workflow and layer boundary testing for functional core and effectful edge architectures.

Dapr Middleware Validator

Validates Dapr HTTP middleware configurations to ensure security best practices, correct pipeline ordering, and proper secret management.

Dapr Security Scanner

Audits Dapr component configurations for security vulnerabilities, hardcoded secrets, and compliance with infrastructure best practices.

Compliance Report Generator

Automates the generation of detailed security compliance reports and documentation for frameworks like PCI DSS, HIPAA, and SOC 2.

Spring Boot Security Implementation

Implements secure authentication and authorization patterns for Spring Boot 4 using Spring Security 7's mandatory Lambda DSL.

Test Data Generator

Generates realistic, schema-compliant test data for software development, database population, and automated testing scenarios.

Compliance Report Generator

Automates the creation of comprehensive security compliance reports for standards like PCI DSS and HIPAA directly within the development workflow.

Security Audit & Compliance Pro

Conducts comprehensive security audits, vulnerability scans, and compliance checks across codebases and infrastructure configurations.

Data Privacy & Compliance Scanner

Scans codebases and configuration files to identify PII leaks, privacy vulnerabilities, and regulatory compliance risks like GDPR and HIPAA.

Dependency Security & Version Checker

Analyzes project dependencies to identify security vulnerabilities, outdated packages, and license compliance issues across multiple package managers.

CORS Policy Validator

Validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure robust web application protection.

BDD Requirements Manager

Generates standardized BDD requirements in Gherkin format with deep domain integration and automated documentation.

Defense-in-Depth Validation

Implements multi-layered validation strategies across entry points, business logic, and environment guards to make software bugs structurally impossible.

Test-Driven Development (TDD)

Enforces a rigorous Red-Green-Refactor workflow by requiring mandatory failing tests and execution evidence before any production code is written.

Frontend E2E User Journeys

Automates critical frontend user workflows using resilient end-to-end testing patterns and the Page Object Model.

Claude Code Tester

Generates and executes comprehensive unit and integration test suites with integrated framework documentation lookup.

Completion Verification Gate

Enforces rigorous quality standards by requiring mandatory evidence-based verification and TDD certification before any task is marked complete.

Condition-Based Testing

Eliminates flaky test failures by replacing arbitrary timeouts with intelligent, condition-based polling logic.

Secret Scanner

Scans codebases for exposed credentials, API keys, and sensitive secrets using pattern matching and entropy analysis.

Condition-Based Waiting

Eliminates flaky tests by replacing arbitrary timeouts with intelligent condition polling and event-driven waiting patterns.

Testing Anti-Patterns Prevention

Prevents common testing mistakes like mocking implementation details, polluting production code, and ignoring accessibility requirements.

Defense-in-Depth Validation

Implements a multi-layered validation strategy to eliminate data-driven failures and make bugs structurally impossible.

Run the Tests

Automates test execution, failure diagnosis, and infrastructure setup to ensure 100% test pass rates across multiple languages and frameworks.

Security Test Scanner

Automates security vulnerability testing and penetration analysis for applications and APIs using OWASP standards.

Vulnerability Scanner

Performs automated security audits by scanning codebases, dependencies, and configurations for known vulnerabilities and CVEs.

Test Report Generator

Generates comprehensive test reports with coverage metrics, trend analysis, and stakeholder-ready formats like HTML and PDF.

Root Cause Tracing

Identifies the origin of deep-seated bugs by systematically tracing errors backward through the call stack to the original trigger point.