Security & Testing Agent Skills

Security Audit

Performs systematic security reviews of application code, dependencies, and configurations to identify vulnerabilities and suggest remediation strategies.

Secure Auth & Access Control Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, and role-based access control (RBAC) patterns.

API Testing & Integration

Builds and manages comprehensive API test suites using modern Node.js and TypeScript frameworks like Jest and Vitest.

Testing Handbook Generator

Generates comprehensive security testing handbooks and strategy guides to streamline audit workflows.

Security Patterns

Implements industry-standard security best practices for secret management, input validation, and secure coding patterns.

Advanced Testing Strategy

Optimizes software quality through comprehensive testing architectures, multi-layer coverage strategies, and resilient test design patterns.

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using Jest, Vitest, and modern testing libraries.

Find Bugs & Security Auditor

Performs rigorous security audits and bug detection on local code changes using a structured multi-phase review process.

Substrate Vulnerability Scanner

Identifies seven critical security vulnerabilities in Substrate and Polkadot pallets during the development and auditing process.

Web3 Smart Contract Testing

Streamlines smart contract validation using Hardhat and Foundry to ensure secure, gas-efficient, and production-ready blockchain code.

Substitute Eraser

Scans codebases for placeholders, TODOs, and stubs to generate structured remediation plans for technical debt.

React TDD Feature Scaffolder

Generates complete, production-ready React features using a strict Test-Driven Development workflow and feature-based architecture.

Python Testing Patterns

Implements robust Python testing strategies using pytest, mocking, and test-driven development best practices.

Tizen Static Security Analyzer

Detects memory leaks, buffer overflows, and coding vulnerabilities in Tizen C/C++ and JavaScript applications using specialized static analysis.

Solana Vulnerability Scanner

Scans Solana and Anchor programs for critical security vulnerabilities to ensure smart contract integrity.

Smack Policy Generator

Generates SMACK mandatory access control policy files to ensure process isolation and secure resource access for Tizen applications.

Smack Policy Auditor

Audits SMACK policy files for label conflicts, correctness, and mandatory access control compliance in Tizen environments.

Accessibility Auditor

Audits web and mobile applications for WCAG 2.2 AA compliance using automated tools, manual findings, and deep code analysis.

Go Hexagonal & DDD Architect

Reviews Go codebases for Hexagonal Architecture compliance and Domain-Driven Design principles using automated tests and AI analysis.

Vibesafe

Manages the Vibesafe toolchain to automate code generation from specifications while ensuring quality through drift detection and automated testing.

Verification Before Completion

Enforces a strict evidence-first workflow by requiring fresh command output and verification before any task is marked as complete.

Claude Code Permission Manager

Configures granular tool permissions and security rules within Claude Code to protect sensitive files and manage access.

Project Production Auditor

Performs automated production-readiness audits to identify security risks, code quality issues, and infrastructure gaps in AI-generated projects.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve the original trigger rather than just treating symptoms.

Scale Game Problem Solving

Exposes architectural weaknesses and fundamental truths by stress-testing software concepts at extreme scales.

GitHub Copilot MCP Integration

Enables advanced codebase analysis and specialized AI development tools by bridging Claude with the GitHub Copilot CLI.

Test-Driven Development Workflow

Guides the Red-Green-Refactor cycle to ensure high-quality, verified code through test-first development.

Signal Isolated Auth

Enforces maximal security isolation for Signal authentication using nested VM and container boundaries with colored operad constraints.

Secret Detection Rule Optimizer

Standardizes the modification and performance benchmarking of secret detection rules to ensure high-speed, accurate scanning.

ESBMC Formal Verification

Verifies code correctness and detects complex bugs using SMT-based formal methods for C, C++, Python, and more.