Security & Testing Agent Skills

Safe Code Refactoring

Refactors complex codebases safely using characterization tests, incremental changes, and automated verification to ensure behavior preservation.

Golang Testing Standards

Enforces BDD-style unit testing practices and standardizes Golang test structures using Ginkgo and Gomega.

Code Reviewer

Automates comprehensive code audits using research-backed security standards, performance pattern detection, and automated quality enforcement.

Dependency Tracker

Audits and aligns project dependencies with infrastructure documentation to ensure security, consistency, and clean codebases.

DevFlow Quality Validation

Automates parallel project validations including tests, linting, and type checking to ensure code quality and build integrity.

OWASP Security Reviewer

Performs automated security audits and OWASP Top 10 compliance checks on pull requests, commits, or entire codebases.

Systematic Bug Fixer

Resolves software defects through automated test-driven reproduction, root cause analysis, and rigorous regression verification.

Security Review Methodology

Analyzes implementation changes for security vulnerabilities and risks using a structured framework based on industry best practices.

Systematic Debugging

Employs a disciplined methodology to identify and resolve the root causes of software bugs rather than masking symptoms.

Go Hexagonal & DDD Architect

Reviews Go codebases for Hexagonal Architecture compliance and Domain-Driven Design principles using automated tests and AI analysis.

React TDD Feature Scaffolder

Generates complete, production-ready React features using a strict Test-Driven Development workflow and feature-based architecture.

React Test Coverage Optimizer

Identifies test gaps and generates comprehensive unit, integration, and E2E tests to ensure high-quality React applications.

Promptfoo Config

Streamlines the configuration and execution of promptfoo for rigorous LLM evaluation and regression testing.

Go Architecture Test Manager

Enforces Hexagonal Architecture and DDD constraints by automatically generating and updating Go architecture tests.

1Password Secret Creator

Automates the creation of secure 1Password items including logins, API keys, and notes via the 1Password CLI.

React & TypeScript Code Reviewer

Conducts comprehensive quality audits for React and TypeScript applications to ensure best practices, performance, and accessibility.

1Password Secrets Reader

Retrieves credentials, API keys, and secure documents from 1Password using the official op CLI integration.

Find Bugs & Security Auditor

Performs rigorous security audits and bug detection on local code changes using a structured multi-phase review process.

Tizen Compliance Checker

Validates Tizen application compliance with official TCT standards across IoT, TV, and mobile profiles.

API Testing & Integration

Builds and manages comprehensive API test suites using modern Node.js and TypeScript frameworks like Jest and Vitest.

Security Audit

Performs systematic security reviews of application code, dependencies, and configurations to identify vulnerabilities and suggest remediation strategies.

Advanced Testing Strategy

Optimizes software quality through comprehensive testing architectures, multi-layer coverage strategies, and resilient test design patterns.

Testing Handbook Generator

Generates comprehensive security testing handbooks and strategy guides to streamline audit workflows.

TON Smart Contract Vulnerability Scanner

Audits TON blockchain smart contracts written in FunC to identify critical security vulnerabilities and logic errors.

Web3 Smart Contract Testing

Streamlines smart contract validation using Hardhat and Foundry to ensure secure, gas-efficient, and production-ready blockchain code.

DeepEval LLM Testing

Implements robust pytest-style evaluation frameworks to measure LLM performance, RAG quality, and output faithfulness.

Accessibility Auditor

Audits web and mobile applications for WCAG 2.2 AA compliance using automated tools, manual findings, and deep code analysis.

Substitute Eraser

Scans codebases for placeholders, TODOs, and stubs to generate structured remediation plans for technical debt.

Substrate Vulnerability Scanner

Identifies seven critical security vulnerabilities in Substrate and Polkadot pallets during the development and auditing process.

Tizen Static Security Analyzer

Detects memory leaks, buffer overflows, and coding vulnerabilities in Tizen C/C++ and JavaScript applications using specialized static analysis.