Security & Testing Agent Skills

OAuth Implementation

Implements secure OAuth 2.0 and OpenID Connect authentication flows using standardized industry patterns and security best practices.

Attack Methods Lookup

Provides detailed web vulnerability intelligence, exploit payloads, and bounty payout estimates for security auditing.

Playwright Security Runner

Automates dynamic security audits and penetration testing for web forms using browser-driven payload execution.

Move Smith Fuzzer

Implements differential fuzzing and property-based testing for Move smart contracts to identify consensus-breaking bugs and edge cases.

Form Security Analyzer

Performs automated static security audits on HTML forms to identify vulnerabilities like missing CSRF protection and insecure data handling.

QA Test Management

Manages the end-to-end QA test lifecycle with automated naming conventions, directory structures, and traceability to requirements.

Prove It Works (No-Mock Testing)

Validates features end-to-end using real dependencies and zero mocks to ensure production-grade reliability.

React Accessibility Auditor

Performs comprehensive WCAG 2.1 Level AA accessibility compliance reviews and automated testing for React components.

LocalSend Protocol Analysis

Analyzes LocalSend repositories using tree-sitter tagging, GitHub GraphQL snapshots, and protocol safety assessments.

Kolmogorov Codex Quest

Verifies multi-layer cryptographic identity proofs and orchestrates complex quest fulfillment within the Plurigrid ASI ecosystem.

macOS Keychain Secure

Secures sensitive credentials using the hardware-backed macOS Keychain with mathematically balanced GF(3) lifecycles.

RAG/CAG Security Patterns

Secures retrieval-augmented and cache-augmented generation systems through multi-tenant isolation, document-level access control, and prompt injection prevention.

MITM Audit & Analysis

Monitors and reports man-in-the-middle (MITM) mentions and patterns across local repositories and history files.

IoT Device Provisioning

Manages secure provisioning, certificate installation, and network onboarding for TizenRT and ARTIK IoT devices.

QA Screenshot Validation

Validates UI screenshots for layout integrity, element clipping, and rendering issues with intelligent viewport handling.

Framework Repair Suggester

Diagnoses framework and tooling malfunctions to propose structured, systematic repair strategies and task templates.

Intent Sink Validator

Validates and sanitizes intent-centric architectures to ensure safety and well-formedness before execution.

1Password Secrets Reader

Retrieves credentials, API keys, and secure documents from 1Password using the official op CLI integration.

1Password Secret Creator

Automates the creation of secure 1Password items including logins, API keys, and notes via the 1Password CLI.

Smart Contract Guidelines Advisor

Provides expert smart contract development advice and security reviews based on Trail of Bits' industry-standard best practices.

Goblins Distributed OCap System

Implements a secure, distributed object capability system for autopoietic actor-based communication and peer-to-peer networking.

Gestalt Hacking (ERGODIC 0)

Leverages gestalt principles to analyze, manipulate, and defend emergent perceptual patterns within complex data streams and cybernetic loops.

Fuzzing Obstacles & Effectiveness

Identifies and overcomes common fuzzing bottlenecks to improve software security testing coverage and bug discovery.

Eval Harness for EDD

Implements an evaluation-driven development framework to measure and improve AI coding reliability through structured testing and metrics.

fnox Secrets Management

Manages encrypted secrets using age encryption and DuckDB-based catalogs within a triadic GF(3) framework.

Spec-to-Code Compliance

Verifies that blockchain protocol implementations strictly adhere to their technical specifications and whitepapers during security audits.

Sharp Edges Security Auditor

Identifies error-prone API designs and dangerous configuration patterns to prevent security vulnerabilities and misuse.

Systematic Debugging

Employs a disciplined methodology to identify and resolve the root causes of software bugs rather than masking symptoms.

LibFuzzer Security Testing

Automates the discovery of software vulnerabilities using coverage-guided fuzzing patterns and security best practices.

Security Review Methodology

Analyzes implementation changes for security vulnerabilities and risks using a structured framework based on industry best practices.