Security & Testing Agent Skills

NERV LocalSend Connectivity Tester

Facilitates rapid peer discovery and LocalSend connectivity testing with integrated Italian voice announcements.

CodeQL Static Analysis

Performs deep semantic code analysis to detect security vulnerabilities, track data flow, and conduct comprehensive security audits.

Constant Time Analysis

Identifies timing side-channel vulnerabilities and non-constant-time operations in cryptographic implementations across multiple programming languages.

Variant Analysis

Identifies recurring security vulnerabilities and bugs across codebases using advanced pattern-based analysis.

NVD CVE Vulnerability Search

Searches the NIST National Vulnerability Database to identify security vulnerabilities and assess risk scores for software components.

Backend Tests

Guides the creation and maintenance of backend tests according to established coding standards and best practices.

Testing Handbook Generator

Generates comprehensive security testing handbooks and strategy guides to streamline audit workflows.

AI Content Detection

Analyzes academic drafts and documentation to identify patterns typical of AI-generated text and ensures an authentic, human-authored writing style.

Tizen Sandbox Escape Detector

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities to ensure robust process isolation.

Mock Generator

Generates automated test mocks, stubs, and fixtures across multiple languages and testing frameworks.

Ark Vulnerability Fixer

Streamlines CVE research and security patch workflows for Ark using CIRCL API integration and automated dependency analysis.

PII Detector & Privacy Scanner

Scans codebases and files to identify personally identifiable information (PII) for GDPR and CCPA compliance.

Lighthouse CI Integrator

Integrates Lighthouse CI for automated performance audits, Core Web Vitals monitoring, and budget enforcement within CI/CD pipelines.

NextAuth.js v5 Authentication

Configures robust authentication for Next.js applications using NextAuth.js v5, OAuth providers, and Prisma database persistence.

AI Validation Architect

Defines actionable AI validation criteria and testing standards to ensure code quality before task completion.

Sentinel QA Sweep

Performs automated full-stack QA sweeps to identify UI bugs, API schema drift, and security violations across web applications.

QA Smoke Test

Validates project health through rapid pre-QA sanity checks including server availability, file existence, and browser console errors.

E2E Testing & Visual Debugging

Automates the Playwright end-to-end testing lifecycle with LLM-powered visual analysis and actionable fix recommendations.

Spring Boot Security

Implements industry-standard security patterns and vulnerability mitigations for Java Spring Boot applications.

DotNet Time Testing with TimeProvider

Streamlines testing of time-dependent .NET logic by implementing and manipulating TimeProvider and FakeTimeProvider abstractions.

Rust Unsafe & FFI Safety Guide

Enforces best practices for Rust unsafe code to minimize risk, manage raw pointers, and ensure FFI interoperability while preventing undefined behavior.

QE Contract Testing

Automates consumer-driven contract testing and schema validation for REST, GraphQL, and event-driven APIs to prevent breaking changes.

Accessibility Auditor

Conducts comprehensive WCAG 2.2 Level AA accessibility audits for React and TypeScript applications with specialized MUI framework awareness.

Codebase Auditor

Performs comprehensive audits of code quality, security vulnerabilities, and technical debt using modern engineering standards and actionable remediation plans.

Security Reviewer

Enforces comprehensive security best practices and identifies potential vulnerabilities during the development process.

Red Team

Provides a constructive adversarial perspective to stress-test ideas, designs, and decisions through rigorous examination.

Security Scanner

Audits Claude Code plugins and skills for malicious code and harmful natural language instructions using AI semantic analysis.

QA Backend Tester

Automates the validation of backend services including REST APIs, AWS Lambdas, gRPC endpoints, and GraphQL interfaces.

Privacy Compliance Engineer

Enforces rigorous data protection controls and privacy-by-design principles across application layers to ensure regulatory compliance.

Automated Code Review Auditor

Performs automated audits for security vulnerabilities, accessibility compliance, design token usage, and data attribute consistency.