Security & Testing Agent Skills

Security Review

Provides comprehensive security guidance based on OWASP Top 10 and STRIDE threat modeling to harden applications against vulnerabilities.

Aztec E2E Testing

Generates comprehensive Jest end-to-end tests for Aztec smart contracts to validate deployments and transaction flows on live networks.

Input Validation Pattern

Implements robust, fail-fast input validation logic to ensure data integrity and prevent silent processing errors.

Verify with Inline Tests

Implements Norvig-style inline testing patterns to co-locate tests with code for instant verification and documentation.

QA Engineer Agent

Automates the end-to-end quality assurance lifecycle, from structured test planning and bug reproduction to comprehensive regression analysis and reporting.

TUI Development & Visual Testing

Develop, test, and debug Terminal User Interface (TUI) applications using tmux as a headless terminal environment.

Adversarial Testing Patterns

Provides a curated library of realistic adversarial attack vectors and edge cases to harden code logic against semantic failures.

TDD Feature Implementation

Executes a strict red-green-refactor Test-Driven Development cycle to implement features based on technical specifications with high test coverage.

Linux Specialized Admin

Optimizes Linux system performance and security through advanced kernel tuning, filesystem management, and system hardening.

Security Reviewer for Claude Code

Conducts comprehensive security audits and enforces safety standards by identifying and blocking critical vulnerabilities in your codebase.

Code Review

Conducts structured code reviews focused on data flow, logic clarity, and security while avoiding subjective style debates.

Professional Testing Patterns

Implements industry-standard testing architectures, pyramids, and best practices to ensure robust software quality and reliability.

Security Best Practices & Fundamentals

Implements and enforces security best practices, input validation, and core defensive principles across the software development lifecycle.

Verification Before Completion

Enforces a rigorous evidence-based workflow that requires successful command execution and output validation before any task is marked as complete.

Systematic Debugging

Enforces a rigorous four-phase scientific process to identify root causes and implement stable fixes for technical issues.

Test-Driven Development (TDD)

Enforces a strict test-first development workflow to ensure high-quality, bug-free code through the Red-Green-Refactor cycle.

Verified Work Completion

Enforces rigorous evidence-based verification before any work status is claimed, committed, or submitted for review.

Test-Driven Development (TDD)

Enforces a disciplined Red-Green-Refactor workflow to ensure all production code is verified by failing tests first.

Spec-Aware Verification Gate

Enforces rigorous quality standards by validating implementation against both test suites and functional specifications before project completion.

Security Code Reviewer

Identifies security vulnerabilities, injection attacks, and hardcoded secrets through deep analysis of authentication and configuration files.

Bug Detection & Review

Identifies critical logic errors, race conditions, and edge cases during code reviews to ensure production stability.

Robotics Safety Checklist

Validates robotics code and configurations against strict safety standards to prevent hardware damage and ensure operational security.

XState Audition Testing

Facilitates comprehensive testing of XState v5 state machines and actors using optimized xstate-audition patterns.

Authentication and Authorization Vulnerabilities

Identifies and mitigates common security defects in AI-generated authentication systems, such as insecure password hashing and broken session management.

Verification Loop

Automates a continuous quality assurance cycle by integrating linting, testing, and build verification into the AI development workflow.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Alpha Production Readiness Trace

Validates production readiness by tracing user flows from UI to infrastructure to identify backend gaps and stubbed functionality.

JavaScript Testing Patterns

Implements robust testing strategies using Jest and Vitest to ensure code quality in JavaScript and TypeScript applications.

Solidity Security Best Practices

Master smart contract security and vulnerability prevention for secure Solidity development.

Rate Limiting

Protects web applications from brute force attacks, automated spam, and costly resource abuse through intelligent request frequency control.