Security & Testing Agent Skills

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure high-quality code through mandatory test-first implementation.

Security Attack Tree Construction

Constructs systematic attack path visualizations to identify security vulnerabilities and prioritize defensive gaps.

JS Test Coverage Generator

Generates and analyzes JavaScript test coverage reports to identify untested code paths and improve application reliability.

FDA Regulatory & HIPAA Consultant

Navigates complex FDA regulatory pathways, QSR compliance, and HIPAA requirements for medical device and healthcare software development.

Ralph Security Audit

Performs automated, multi-layered security scanning across dependencies, source code, and containers to identify vulnerabilities and secret leaks.

Web Application Testing

Automates local web application testing and UI verification using specialized Playwright scripts and server management utilities.

GDPR & DSGVO Compliance Expert

Navigates complex data protection regulations by providing expert-level GDPR and German DSGVO compliance auditing, privacy impact assessments, and regulatory documentation.

Performance Guardian

Prevents performance regressions by implementing automated benchmark verification gates during the development lifecycle.

REST Controller Unit Testing Skill

Streamlines Java REST controller testing by providing MockMvc patterns and best practices for isolated web layer validation.

Naive-Then-Optimize Coding Strategy

Implements a robust workflow that prioritizes algorithmic correctness through naive implementations before applying performance optimizations.

JS Test Maintainer

Orchestrates systematic JavaScript test quality improvements and coverage enhancements while strictly maintaining production code integrity.

ISMS Audit Expert

Facilitates professional ISO 27001 auditing, security control assessments, and ISMS compliance verification with expert-level guidance.

Web Application Testing Toolkit

Automates local web application testing and browser interactions using Playwright and managed server lifecycles.

Error Resolver

Diagnoses and resolves software errors across any language or framework using a systematic, first-principles analysis workflow.

Unit Test Security Authorization

Tests Spring Security authorization logic including role-based access control and method-level security annotations.

Security Requirement Extractor

Transforms threat analysis and business contexts into actionable, testable security requirements and user stories.

Threat Mitigation Mapping

Connects identified security threats to specific technical and procedural controls to prioritize risk remediation and strengthen defense-in-depth strategies.

API Security Fuzzer

Automates REST API fuzz testing to identify security vulnerabilities, input validation failures, and unexpected edge cases.

Kubernetes Security Policies

Implements defense-in-depth security for Kubernetes clusters through network isolation, RBAC, and pod security standards.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within development workflows.

Defense-in-Depth Validation

Implements multi-layered validation strategies to prevent deep-execution failures and make bugs structurally impossible.

Automated Test Repair

Systematically identifies and resolves failing test suites using intelligent error grouping and prioritized fixing strategies.

Test-First Development

Implements Test-Driven Development patterns to enable LLM self-correction and autonomous iteration through feedback loops.

Shell Script Testing with Bats

Automates shell script testing using the Bash Automated Testing System (Bats) to ensure robust, production-grade CLI utilities and scripts.

Security & Compliance Expert

Guides security professionals in architecting defense-in-depth systems and achieving compliance with industry frameworks like SOC2, ISO27001, and GDPR.

Senior SecOps

Strengthens application security and compliance through automated scanning, vulnerability assessment, and rigorous audit workflows.

QMR Senior Quality Manager

Governs MedTech and HealthTech quality management systems through strategic regulatory oversight and ISO 13485 compliance leadership.

Code Quality & Validation

Enforces project standards and syntax correctness through automated linting, type checking, and static analysis.

Auth Implementation Patterns

Implements secure and scalable authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress best practices to ensure reliable web application performance.