Security & Testing Agent Skills

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection in application code.

CORS Policy Validator

Analyzes Cross-Origin Resource Sharing configurations to identify security vulnerabilities and ensure compliant implementation.

Data Encryption & Decryption

Secures sensitive information by providing seamless data encryption and decryption capabilities using AES, RSA, and other standard algorithms.

Container Security Scanner

Scans container images and running environments for vulnerabilities using industry-standard security tools like Trivy and Snyk.

Better Auth Integration

Implements comprehensive, framework-agnostic authentication and authorization workflows for TypeScript applications using Better Auth.

Security Pro Pack

Conducts comprehensive security audits, compliance checks, and vulnerability scans across codebases and cloud infrastructure.

Python Doctor

Audits Python codebases for security vulnerabilities, performance bottlenecks, and architectural antipatterns to provide a comprehensive health score and remediation plan.

Compliance Report Generator

Automates the creation of comprehensive security compliance reports for standards like PCI DSS and HIPAA directly within the development workflow.

OWASP Security Compliance Checker

Performs comprehensive security audits by scanning codebases for OWASP Top 10 vulnerabilities and providing actionable remediation guidance.

Database Security Scanner

Performs comprehensive security audits and vulnerability assessments for PostgreSQL and MySQL databases using OWASP guidelines.

Access Control Security Auditor

Audits authentication and authorization implementations to identify security vulnerabilities, misconfigurations, and privilege escalation risks.

QMS Audit Expert

Provides expert-level ISO 13485 quality management system auditing, including risk-based planning, nonconformity identification, and CAPA integration.

ISMS & ISO 27001 Audit Expert

Automates and guides Information Security Management System (ISMS) audits and ISO 27001 compliance assessments with expert-level methodology.

GDPR & DSGVO Compliance Expert

Facilitates comprehensive EU GDPR and German DSGVO compliance through automated auditing, privacy impact assessments, and regulatory guidance.

Git Hook Automation

Automates the setup and configuration of Git hooks to enforce testing, linting, and code quality standards before every commit.

Defense-in-Depth Validation

Implements multi-layered data validation strategies to make software bugs structurally impossible by catching errors at every system layer.

FFUF Web Fuzzing

Guides users through advanced web fuzzing and discovery using FFUF for comprehensive security testing and reconnaissance.

TDD Workflow Manager

Enforces a strict test-driven development lifecycle to ensure high code quality and minimum 80% test coverage.

GitHub Repo Manager Self-Test

Executes and interprets the comprehensive test suite for the GitHub Repo Manager plugin to ensure reliability and correct configuration.

Git Hook Updater

Modifies and regenerates Git hook configurations to maintain repository standards and automated workflows without a full re-setup.

Verification Guard

Enforces rigorous evidence-based reporting by requiring fresh verification results before any task is claimed as complete.

Web App Testing Suite

Automates web application testing and UI interactions using Playwright and automated server management.

Test Workflow Orchestrator

Orchestrates complex test execution graphs with dependency management and parallel processing to optimize CI/CD pipelines.

Test Skill

Validates the execution of PostToolUse hooks to ensure proper skill invocation and system integration.

GitHub Repo Manager Self-Test

Validates and verifies the github-repo-manager plugin installation through comprehensive infrastructure, read-only, and mutation test tiers.

Senior Security Engineering

Automates security assessments, threat modeling, and penetration testing to ensure robust application protection and architectural compliance.

Secret Scanner & Credential Guard

Scans codebases for exposed API keys, passwords, and sensitive credentials using pattern matching and entropy analysis to prevent security breaches.

ATDD Assistant

Guides teams through the Acceptance Test-Driven Development workflow by defining testable criteria and streamlining specification workshops.

Root Cause Tracing

Systematically identifies and resolves the original triggers of complex bugs by tracing execution chains backward from the point of failure.

XSS Vulnerability Scanner

Scans web applications for reflected, stored, and DOM-based Cross-Site Scripting (XSS) vulnerabilities to ensure robust frontend security.