Security & Testing Agent Skills

Have I Been Pwned Security Integration

Integrates the Have I Been Pwned API to check for compromised accounts, passwords, and data breaches within security workflows.

Code Validation Checklist

Validates code against custom checklists and security standards before execution to ensure quality and compliance.

Cynara Policy Validator

Validates Cynara privilege access control policies to ensure secure and consistent permission management within Tizen and IoT environments.

AFL++ Security Fuzzing

Conducts comprehensive binary and source code fuzzing to identify security vulnerabilities and stability issues using AFL++.

Boneh-Roughgarden WEV Mechanism

Implements protocol-aligned value extraction and transaction fee mechanisms based on Stanford FDCI research.

Python Testing Specialist

Writes, reviews, and optimizes Python tests using pytest with a focus on atomic structure, async support, and FastMCP integration.

Reafference & Corollary Discharge

Distinguishes self-generated AI interactions from external anomalies using von Holst's neuroscience principles and predictive signal processing.

Verification Loop

Automates a comprehensive six-phase quality assurance workflow to ensure code integrity before pull requests or deployments.

Claude Eval Harness

Implements a formal evaluation framework for Claude Code sessions to enable reliable, test-driven AI development.

Security Review

Conducts comprehensive security audits and provides implementation patterns for authentication, input validation, and data protection.

Test-Driven Development (TDD) Workflow

Enforces a rigorous test-first development cycle with 80%+ coverage requirements for unit, integration, and E2E tests.

Salesforce Connected Apps & Security Architect

Automates the creation, management, and security validation of Salesforce Connected Apps and External Client Apps with specialized OAuth configurations.

Salesforce Apex Expert

Generates and reviews production-ready Salesforce Apex code using 2025 best practices and a rigorous 150-point quality scoring system.

GitHub Code Review

Conducts high-signal, deep-dive code reviews for GitHub pull requests by analyzing diffs for bugs, security vulnerabilities, and performance issues.

Bug & Logic Auditor

Audits source code for logical errors, race conditions, and edge cases to ensure robust error handling and stability.

Security Fixer

Generates high-quality, automated security patches to remediate vulnerabilities like SQL injection, XSS, and hardcoded secrets.

Security Audit & Reporting

Generates comprehensive security audit reports, risk assessments, and OWASP Top 10 compliance mappings from vulnerability scan data.

ArkUI Component TDD Expert

Implements rigorous Test-Driven Development patterns for OpenHarmony ArkUI NG component methods to ensure high code coverage and reliability.

Effect-TS Testing Patterns

Provides standardized patterns and best practices for writing comprehensive tests for Effect-TS applications and services.

License Checker

Evaluates Python package licenses for redistribution compatibility using the SPDX database to ensure enterprise compliance.

Developer Specialist

Accelerates software development using TDD, minimal diffs, and context-driven design to ensure high-quality, maintainable code.

MSW API Mocking

Simplifies network-level API mocking for frontend testing using standardized Mock Service Worker (MSW) patterns.

Web App Testing & Automation

Automates local web application testing and UI verification using Playwright scripts and integrated server management.

Systematic Debugging Strategies

Master advanced debugging techniques and root cause analysis to efficiently identify and resolve complex software bugs across any technology stack.

Dependency Mocking

Streamlines the creation of temporary, well-documented mock implementations for unimplemented dependencies to unblock development workflows.

Security Practices

Implements modern security standards including Zero Trust Architecture, supply chain protection, and DevSecOps integration.

Constraint Generalization & Refinement

Synthesizes and propagates formal constraints across composed data paths to enable automatic refinement typing and formal verification.

Authorization Security

Implements production-grade authorization standards including RBAC, ABAC, and NIST 800-53 compliance for secure access control.

Deliberation & Red Teaming

Conducts structured adversarial reviews to challenge assumptions and identify hidden vulnerabilities in plans or architectures.

Valid Skill

Enforces standardized software development practices and testing protocols to ensure production-grade code quality.