Security & Testing Agent Skills

OIDC Federation Patterns

Implements secretless cloud authentication using OpenID Connect to eliminate long-lived credentials in CI/CD workflows.

Databricks Testing Patterns

Provides standardized pytest fixtures, Spark DataFrame assertion utilities, and integration testing patterns for Databricks data pipelines.

Systematic Debugging

Implements a rigorous four-phase framework to identify root causes and resolve technical issues without introducing new bugs.

Proof-Grade 150 Verification

Ensures every factual claim is backed by verifiable primary sources and quantified confidence levels to prevent misinformation in critical workflows.

Integrity Check 150

Performs a rigorous final quality assurance check to verify goal alignment, technical correctness, and implementation completeness.

SAST Configuration & Security Scanning

Configures and automates Static Application Security Testing (SAST) tools to detect vulnerabilities across multiple programming languages.

Dependency Upgrade Manager

Manage major dependency version upgrades with compatibility analysis, staged rollout strategies, and comprehensive testing.

Verifying by Consensus

Improves code reliability by dispatching multiple independent review agents and validating findings through consensus and cross-checking.

STRIDE Security Threat Analysis

Systematically identifies security vulnerabilities using the STRIDE methodology to build resilient software architectures.

Web Application Testing

Automates local web application testing and interaction using Playwright and streamlined server management scripts.

Codex Assistant

Integrates OpenAI's Codex CLI to perform automated code reviews, security audits, and deep codebase analysis.

Python Library Quality Reviewer

Conducts comprehensive audits of Python libraries to evaluate code quality, security, packaging standards, and maintenance health.

Memory Safety Patterns

Implements robust memory management patterns like RAII, ownership, and smart pointers to eliminate vulnerabilities in systems programming.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Security Audit & Vulnerability Assessment

Performs deep security audits and vulnerability assessments to harden Supabase-based applications against modern threats.

Python Testing Patterns

Implements robust testing suites using pytest, advanced mocking strategies, and test-driven development practices.

Temporal Python Testing

Implements professional testing strategies for Temporal workflows and activities using pytest, time-skipping, and mocking patterns.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure code reliability through mandatory test-first implementation.

Kubernetes Security Policies

Implements production-grade defense-in-depth security for Kubernetes clusters using NetworkPolicies, Pod Security Standards, and RBAC.

Bats Shell Testing Patterns

Implements comprehensive unit tests and automated test suites for shell scripts using the Bash Automated Testing System (Bats).

Screen Reader Testing

Validates web application accessibility through structured testing protocols for VoiceOver, NVDA, JAWS, and TalkBack.

Security Requirement Extractor

Transforms threat models and business context into actionable, testable security requirements and structured user stories.

Systematic Debugging

Enforces a rigorous, four-phase root cause analysis process to eliminate guesswork and prevent recurring bugs.

QA Expert & Testing

Enforces professional quality assurance standards by automating unit, integration, and E2E testing workflows using Vitest and Playwright.

RubyCritic Code Quality

Analyzes Ruby code quality by detecting smells, complexity, and duplication to maintain high development standards.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high code quality through test-first implementation.

Plugin Test Framework

Provides a virtual, isolated test environment for validating Claude Code hooks, plugins, and agent configurations without affecting production environments.

Verified Work Completion

Ensures all project claims are backed by fresh, verified command output before committing code or marking tasks as finished.

Full-Stack Testing Patterns

Enforces standardized testing architectures and TDD workflows for Next.js and FastAPI applications.

Statistical Testing & Simulation Validation

Ensures the reliability of probabilistic code and Monte Carlo simulations through rigorous statistical assertions and stable testing patterns.