Security & Testing Agent Skills

MCP Protocol Compliance Testing

Validates MCP servers for JSON-RPC 2.0 compliance and Pydantic schema integrity using standardized testing patterns.

QA Strategy & Quality Metrics

Implements robust testing frameworks and quality metrics to manage technical debt and improve code maintainability.

TDD Discipline & Testing Automation

Enforces strict Test-Driven Development workflows by requiring failing tests before implementation and matching project-specific testing patterns.

Quality Gates

Automates code quality validation using multi-language linting, formatting, type checking, and testing tools.

Pytest Test Framework

Generates and executes robust pytest suites for Python projects with support for fixtures, mocking, and structured output.

Jest Test Automation

Executes and generates Jest tests for JavaScript and TypeScript projects to streamline unit, integration, and end-to-end testing workflows.

ExUnit Test Framework

Automates the generation and execution of Elixir ExUnit tests to streamline bug reproduction and code verification.

Testing Workflow Orchestrator

Orchestrates a comprehensive four-step testing process to validate skill functionality, integration, and structural integrity.

E2E Testing Patterns

Implements reliable end-to-end testing suites using Playwright and Cypress best practices to ensure application stability and catch regressions.

Testing Workflow

Orchestrates a comprehensive, multi-step testing sequence to validate skill functionality, integration compatibility, and structural integrity.

Solidity Smart Contract Patterns

Implements battle-tested Solidity design patterns and OpenZeppelin security standards for robust Ethereum smart contract development.

Performance Testing & Web Vitals

Measures and enforces web performance standards using Lighthouse audits and Core Web Vitals within Playwright test suites.

Memory Safety Patterns

Implements robust memory management patterns like RAII and ownership to prevent leaks, crashes, and security vulnerabilities in systems programming.

Attack Tree Construction

Constructs detailed attack trees to visualize security threats and identify architectural vulnerabilities.

Solidity Security & Smart Contract Audit

Implements industry-standard security patterns and vulnerability prevention for Solidity smart contracts.

SAST Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection and enforce security policies across codebases.

Electron E2E & CDP Testing

Automates end-to-end testing and debugging for Electron applications using Chrome DevTools Protocol for both main and renderer processes.

Web Application Testing & Automation

Streamlines end-to-end testing and UI debugging for local web applications using automated Playwright scripts and server lifecycle management.

Computer Use Automation & QA Testing

Automates web application testing by generating Playwright-based test harnesses and natural-language goal files for Gemini 2.5 Computer Use.

Pytest Python Testing

Automates the creation and management of robust Python test suites using the industry-standard pytest framework.

SQLMap Database Penetration Testing

Automates the detection and exploitation of SQL injection vulnerabilities to perform comprehensive database security assessments.

Performance Testing & Web Vitals

Measures and enforces web performance standards using Lighthouse audits and Core Web Vitals within Playwright.

Broken Authentication Security Testing

Identifies and audits authentication and session management vulnerabilities in web applications to prevent unauthorized access.

Broken Authentication Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and account takeovers.

DevOps Security Auditor

Automates security auditing and vulnerability assessments within development workflows to identify dependencies, secrets, and compliance risks.

OpenSpec Change Verifier

Validates that code implementations accurately align with specifications, tasks, and design documents before archiving changes.

Security Review & Hardening

Audits and secures application code by implementing industry-standard security patterns, from input validation to secrets management.

HTML Injection Security Testing

Identifies and exploits HTML injection vulnerabilities to secure web applications against content manipulation and phishing attacks.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specifications, tasks, and design documents before archival.

OpenSpec Change Verifier

Validates that software implementations align with specifications, tasks, and design documents using the OpenSpec framework.