Security & Testing Agent Skills

AI Evaluation & Metrics Planner

Manages evaluation metrics, thresholds, and measurement methods to ensure project progress and quality are quantifiable and documentable.

Hookify Rules Writer

Guides the creation and configuration of custom Hookify guardrails to enforce coding standards and safety protocols in Claude Code.

OpenSpec Change Verifier

Validates that code implementations accurately align with specifications, tasks, and design documents before archiving changes.

Environment Secrets Manager

Manages global and project-specific environment variables and secrets while ensuring secure documentation and storage practices.

File Path Traversal Testing

Identifies and tests directory traversal and Local File Inclusion (LFI) vulnerabilities to secure web application filesystems.

PCI Compliance Manager

Implements rigorous PCI DSS standards to secure payment processing workflows and protect sensitive cardholder data.

Spec-Driven TDD Workflow

Implements a structured Test-Driven Development lifecycle that moves seamlessly from requirements and design to traceable code implementation.

TDD Workflow

Enforces test-driven development principles and mandatory 80% coverage across unit, integration, and E2E testing layers.

Security Scanner

Performs comprehensive security audits, secret detection, and vulnerability scanning for modern codebases.

Smart Test Coverage Validator

Validates code changes by ensuring >70% test coverage for modified lines and verifying full suite integrity.

Next.js Supabase Authentication

Implements secure, production-ready authentication for Next.js applications using Supabase SSR and App Router patterns.

Hookify Rule Configuration

Standardizes the creation of custom guardrails and automation triggers to monitor and guide Claude's actions in real-time.

BDD Workflow Orchestrator

Automates the complete Behavior-Driven Development lifecycle from Gherkin scenario creation to requirement-traced implementation and refactoring.

Systematic Debugging

Enforces a rigorous, evidence-based process for identifying root causes before implementing technical fixes to prevent guess-and-check thrashing.

Smart Test Repair

Systematically identifies, groups, and resolves failing tests using intelligent error classification and prioritized fixing strategies.

Requirement Traceability Tagger

Automates the tagging of source code, tests, and commit messages with requirement IDs to ensure full traceability throughout the SDLC.

Web3 Smart Contract Testing

Streamlines smart contract verification using Hardhat and Foundry for comprehensive security and performance testing.

Antigravity Bug Finder

Audits local branch changes to identify security vulnerabilities, logical bugs, and critical code quality issues.

Auth Route Protection Checker

Audits and secures Next.js routes, server components, and API endpoints by identifying authentication gaps and generating robust protection logic.

Requirement Coverage Sensor

Audits software requirements against source code and test files to identify gaps in implementation and validation.

A11y Checker CI

Integrates automated accessibility testing into CI/CD pipelines to enforce WCAG compliance and generate detailed remediation reports for pull requests.

OpenSpec Change Verifier

Validates that code implementations accurately match specifications, tasks, and design documents before archiving changes.

Django Reviewer

Audits Django applications for ORM efficiency, security vulnerabilities, and architectural best practices.

Unit Testing

Implements robust unit testing workflows using Vitest for TypeScript and Next.js projects following Test-Driven Development (TDD) principles.

Secrets Management for CI/CD

Implements secure credential handling and secret rotation across major cloud providers and CI/CD platforms to prevent sensitive data leaks.

Factory Quality Validator

Ensures the quality and schema compliance of generated components through automated validation, scoring, and auto-fixing.

Auth Implementation Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, and RBAC best practices.

Bats Testing Patterns

Provides comprehensive guidance and implementation patterns for testing shell scripts using the Bash Automated Testing System (Bats).

Codex ThinkDeep

Performs deep, multi-step technical investigations and complex reasoning using high-effort analysis patterns.

Python Testing Patterns

Implements robust Python testing suites using pytest, advanced mocking techniques, and test-driven development best practices.