Security & Testing Agent Skills

Web Application Testing

Automates local web application testing and UI debugging using Playwright and integrated server management scripts.

Clerk Incident Runbook

Streamlines incident response for Clerk authentication issues with automated diagnostics, mitigation scripts, and recovery procedures.

Requirement Traceability Coverage Report

Generates comprehensive test coverage reports mapped to specific requirements to identify testing gaps and ensure quality compliance.

Doc Detective Testing

Automates the verification of documentation procedures by converting text-based guides into executable Doc Detective test specifications.

BDD Workflow Orchestrator

Automates the complete Behavior-Driven Development lifecycle from Gherkin scenario creation to requirement-traced implementation and refactoring.

Requirement Traceability Tagger

Automates the tagging of source code, tests, and commit messages with requirement IDs to ensure full traceability throughout the SDLC.

Web3 Smart Contract Testing

Streamlines smart contract verification using Hardhat and Foundry for comprehensive security and performance testing.

Antigravity Bug Finder

Audits local branch changes to identify security vulnerabilities, logical bugs, and critical code quality issues.

Auth Route Protection Checker

Audits and secures Next.js routes, server components, and API endpoints by identifying authentication gaps and generating robust protection logic.

KlingAI Compliance Review

Conducts comprehensive security audits and regulatory compliance reviews for Kling AI video generation integrations.

Requirement Coverage Sensor

Audits software requirements against source code and test files to identify gaps in implementation and validation.

A11y Checker CI

Integrates automated accessibility testing into CI/CD pipelines to enforce WCAG compliance and generate detailed remediation reports for pull requests.

OpenSpec Change Verifier

Validates that code implementations accurately match specifications, tasks, and design documents before archiving changes.

Django Reviewer

Audits Django applications for ORM efficiency, security vulnerabilities, and architectural best practices.

Eval Harness

Implements Eval-driven development to quantitatively measure code quality and track continuous improvements through standardized metrics.

Auth Implementation Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, and RBAC best practices.

Frontend Auth & JWT Patterns

Implements secure authentication flows using Better Auth and JWT token management for modern web applications.

Security Review & Vulnerability Audit

Performs comprehensive security audits and vulnerability checks based on OWASP standards and industry best practices.

Bats Testing Patterns

Provides comprehensive guidance and implementation patterns for testing shell scripts using the Bash Automated Testing System (Bats).

TypeScript Any Eliminator

Refactors TypeScript codebases to replace 'any' types with robust, specific type definitions and strict interfaces.

GKE Runtime Security

Enforces GKE workload security through Pod Security Standards, admission controllers, and real-time behavioral monitoring with Falco.

Playwright Web App Testing

Automates local web application testing and UI debugging using Playwright-powered Python scripts.

XSS Vulnerability Scanner

Automatically identifies and reports cross-site scripting (XSS) vulnerabilities in web applications through context-aware code analysis.

Secure Code & Supply Chain

Identifies and remediates security vulnerabilities, manages SBOMs, and secures software supply chains using automated scanning and best practices.

Team Authorization & RBAC

Manages team-based permissions and role-based access control to ensure consistent authorization across client-side actions and server-side functions.

Verification Loop

Executes a rigorous six-stage verification workflow to ensure code quality, security, and type safety within the Claude Code environment.

Go Security Tooling

Implements standard, OpenSSF-certified Go security workflows using race detection, linting, and vulnerability scanning.

Automated Security Enforcement

Implements mandatory security guardrails and policy-as-code to ensure audit-ready compliance across the development lifecycle.

Secure Credential Storage

Implements secure patterns for managing and rotating GitHub App credentials across diverse CI/CD and infrastructure environments.

Replit Enterprise RBAC & SSO Manager

Configures enterprise-grade security for Replit including Single Sign-On (SSO) and robust role-based access control (RBAC).