Security & Testing Agent Skills

React & TypeScript Code Reviewer

Conducts comprehensive quality audits for React and TypeScript applications to ensure best practices, performance, and accessibility.

Go Architecture Test Manager

Enforces Hexagonal Architecture and DDD constraints by automatically generating and updating Go architecture tests.

Promptfoo Config

Streamlines the configuration and execution of promptfoo for rigorous LLM evaluation and regression testing.

Code Quality Analyzer

Analyzes local code changes using parallel AI agents to automatically identify and fix bugs, type errors, and architectural complexity.

Test & Fix

Automates the identification and remediation of project quality failures across formatting, linting, and testing suites.

Multi-Agent Design Reviewer

Analyzes architectural plans through five specialized AI lenses to identify security, performance, UX, and structural risks.

Roundtable Circle

Orchestrates multi-agent code reviews and automated security audits using specialized AI reviewer teams and a structured 7-phase lifecycle.

Verification & Quality Assurance

Ensures codebase reliability through automated truth scoring, security audits, and an instant rollback system for failed quality checks.

DeepEval LLM Testing

Implements robust pytest-style evaluation frameworks to measure LLM performance, RAG quality, and output faithfulness.

Better Auth Best Practices

Streamlines the implementation of Better Auth for secure, TypeScript-first authentication in modern web applications.

JavaScript Testing Patterns

Implements robust testing architectures using Jest and Vitest to ensure code quality through unit, integration, and end-to-end test patterns.

Solidity Security Master

Implements industry-standard smart contract security patterns and vulnerability prevention for Solidity development.

Verified Completion Proof

Ensures work accuracy by validating completion claims with fresh command-line evidence before final delivery.

Recon Workbench

Conducts authorized, evidence-backed security reconnaissance and system interrogation across macOS, iOS, web, and open-source targets.

Find Bugs & Security Auditor

Performs rigorous security audits and bug detection on local code changes using a structured multi-phase review process.

Web3 Smart Contract Testing

Streamlines smart contract validation using Hardhat and Foundry to ensure secure, gas-efficient, and production-ready blockchain code.

1Password CLI Manager

Manages secure secret injection, authentication, and 1Password CLI workflows without exposing sensitive credentials in plaintext.

Better Auth Scaffolding

Implements and migrates secure Better Auth integrations for TypeScript and JavaScript applications with OWASP-aligned defaults.

Systematic Debugging

Diagnoses production bugs and regressions using evidence-based analysis and reproducible fix plans before implementing code changes.

Security Best Practices Review

Reviews code and architecture against language-specific security standards and the OWASP Top 10:2025 framework.

Security Threat Modeler

Generates repository-specific security threat models by identifying assets, trust boundaries, and potential abuse paths based on source code evidence.

Security Ownership Mapper

Analyzes git history to map code ownership risks, identify low bus factors in sensitive components, and detect security maintenance gaps.

UI Visual Regression Reviewer

Analyzes and validates visual diffs from Storybook, Playwright, and Argos to distinguish intentional UI changes from accidental regressions.

Chrome Extension E2E Tester

Automates end-to-end testing for Chrome extensions using Puppeteer to verify features, message routing, and cross-context interactions in real browser environments.

Codex Home Audit

Audits Codex home directories to detect configuration drift, security risks, and cleanup opportunities.

Doppler Secret Validator

Manages and validates API secrets in Doppler with automated testing and secure storage workflows.

TDD Workflow

Implements a rigorous test-driven development cycle by writing failing tests before coding the implementation.

Systematic Debugger

Diagnoses root causes of software defects through a rigorous 5-phase investigation process without implementing code changes.

Test-Driven Development (TDD)

Implements high-confidence code changes using the Red-Green-Refactor cycle to ensure every behavior is verified by tests before implementation.

Test-Driven Development (TDD)

Enforces a strict test-first development workflow by requiring failing tests before any production code is written.