Security & Testing Agent Skills

WCAG Accessibility Audit Patterns

Conducts comprehensive WCAG 2.2 accessibility audits and provides actionable remediation strategies for web content.

TDD Red Phase Workflow

Generates comprehensive failing tests to define expected behavior and edge cases during the initial TDD red phase.

Vitest Testing

Simplifies unit and integration testing for Vite-based projects by providing specialized configuration, Jest-compatible API guidance, and mocking patterns.

Flow-Next Epic Review

Verifies that completed epic tasks align with original specification requirements using automated review gates and autonomous fix loops.

Nmap Network Reconnaissance

Performs professional network reconnaissance and port scanning using an optimized two-phase strategy for comprehensive service detection.

Jadx Android Decompiler

Decompiles Android APK files into readable Java source code to facilitate security audits and application analysis.

IoT UART Console (picocom)

Interacts with embedded device UART consoles for security auditing, vulnerability discovery, and gaining root access.

IoT Network Traffic Analyzer

Analyzes IoT network traffic to detect specialized protocols and identify security vulnerabilities in real-time or from packet captures.

IoT WS-Discovery Scanner

Discovers and enumerates ONVIF cameras and IoT devices using the WS-Discovery protocol for network security assessments.

Chipsec Firmware Analysis

Performs static security analysis of UEFI and BIOS firmware dumps to detect malware and audit system integrity.

ONVIF Security Scanner

Scans ONVIF-enabled IP cameras and IoT devices for authentication vulnerabilities and weak credentials.

Ffind Firmware & Filesystem Analyzer

Analyzes firmware files, detects file types, and extracts embedded filesystems for security research and IoT pentesting.

Apktool Android Reverse Engineering

Automates the unpacking, resource extraction, and disassembly of Android APK files for security analysis and vulnerability discovery.

.NET Dev Certificate Trust for Linux

Diagnoses and resolves .NET HTTPS developer certificate trust issues across Ubuntu, Fedora, Arch Linux, and WSL2 environments.

Security & Vulnerability Management

Implements rigorous security standards for Rust projects through vulnerability auditing, automated fuzzing, and strict unsafe code reviews.

CTF Crypto Analysis

Analyzes and exploits cryptographic implementations in compiled binaries to recover flags and keys during CTF challenges.

ReVa Deep Analysis

Performs intensive, evidence-based reverse engineering investigations within Ghidra to decode complex binary behaviors and logic.

CTF Binary Exploitation (Pwn)

Solves Capture The Flag (CTF) binary exploitation challenges by identifying and exploiting memory corruption vulnerabilities.

CTF Reverse Engineering Assistant

Analyzes binary programs to extract flags, keys, and passwords using systematic static analysis and Ghidra integration.

Binary Triage & Analysis

Performs systematic initial surveys of binaries to identify key components, suspicious behaviors, and prioritize deeper reverse engineering tasks.

Timeout Testing Utility

Facilitates the testing and management of execution timeouts within OpenCode swarm agent workflows.

Timeout Testing Utility

Simulates and validates timeout behaviors to ensure robust error handling in multi-agent coordination.

Flow Prime Codebase Readiness

Assesses and optimizes your codebase for AI agent autonomy and production quality through a multi-pillar health scan.

IoT Telnet Pentesting Shell

Performs security assessments and shell interactions with IoT devices via Telnet using automated helper scripts for reliable command execution.

IoT UART Console (picocom)

Interacts with IoT hardware UART consoles using picocom for security audits, device enumeration, and bootloader manipulation.

ONVIF Security Scanner

Scans ONVIF-enabled IP cameras and IoT devices for authentication vulnerabilities and weak credentials.

PCI Compliance Master

Implements PCI DSS security standards to protect payment card data and ensure regulatory compliance across payment systems.

Web3 Smart Contract Testing

Tests and validates Solidity smart contracts using Hardhat and Foundry frameworks to ensure security, reliability, and gas efficiency.

CRAP Score & Code Coverage Analysis

Analyzes .NET code risk by calculating CRAP scores and visualizing test coverage hotspots to identify maintainability issues.

Verify Email Snapshots

Automates visual regression testing for email templates by capturing and comparing rendered HTML snapshots in .NET applications.