Security & Testing Agent Skills

SAST Configuration & Security Scanning

Automates the setup and configuration of Static Application Security Testing (SAST) tools to detect vulnerabilities in source code across multiple languages.

Web3 Smart Contract Testing

Standardizes the creation and execution of comprehensive test suites for Solidity smart contracts using Hardhat and Foundry.

Error Handling Patterns

Implements robust error handling strategies and resilient application patterns across multiple programming languages to ensure software stability.

E2E Testing Patterns

Implements robust end-to-end testing architectures using Playwright and Cypress to ensure application reliability and prevent regressions.

1Password + direnv Secrets Management

Optimizes secret loading by integrating the 1Password CLI with direnv using high-performance patterns.

CI/CD Secrets Management

Implements secure handling, storage, and rotation of sensitive credentials across major CI/CD platforms and cloud providers.

Systematic Debugging

Enforces a disciplined, four-phase approach to identify root causes and eliminate trial-and-error bug fixing.

Kubernetes Security Policies

Implement defense-in-depth Kubernetes security through network policies, RBAC configurations, and pod security standards.

QA Tester Agent

Automates the creation, execution, and verification of unit, integration, and E2E tests using Jest and Supertest.

Mission Control Canary Test Writer

Generates precise test blocks and boolean assertions for Mission Control canary health checks across HTTP, Kubernetes, and system outputs.

PCI Compliance & Secure Payments

Implements PCI DSS requirements to secure payment card data and maintain industry-standard payment processing security.

Debugging Strategies

Provides systematic techniques and diagnostic tools to identify, isolate, and resolve complex software bugs across various technology stacks.

Test-Driven Development (TDD) Discipline

Enforces a rigorous Red-Green-Refactor workflow to ensure high-quality, verified code for all features and bug fixes.

Security & Compliance Suite

Secures software projects by automating vulnerability scanning, environment validation, and OWASP compliance auditing.

Rigorous Task Verification

Enforces strict evidence-based completion protocols to prevent false progress claims during development.

Rust & WASM Security Audit

Audits Rust and WebAssembly applications for vulnerabilities, unsafe code usage, and adherence to security best practices.

Reticulum Protocol Destinations

Manages and implements Reticulum's location-independent addressing system and cryptographic destination types.

Advanced Debugging

Streamlines troubleshooting across Next.js, Supabase, and React Query stacks with specialized workflows and automated diagnostic tools.

Plan-Then-Execute

Implements a high-integrity execution pattern that separates planning from action to prevent prompt injection and ensure human oversight.

Kiro Spec Detector

Identifies modified Kiro specification files by comparing current branch changes against a base branch for optimized testing.

HTML Lint & Accessibility Runner

Audits web content for WCAG accessibility compliance and HTML structural standards using industry-standard linting tools.

Reticulum Cryptography & Identity

Implements and explains Reticulum's authoritative cryptographic primitives, identity structures, and forward-secrecy mechanisms.

Reticulum Utilities

Manages Reticulum network operations including path discovery, identity management, and secure file transfers.

OSS Solution Implementation

Implements high-quality code and comprehensive tests for open-source contributions while strictly following project standards.

Web App Testing with Playwright

Automates and tests local web applications using native Playwright scripts and managed server lifecycles.

Code Health Auditor

Analyzes codebases to identify technical debt, test coverage gaps, and refactoring opportunities across multiple languages.

PICT Test Designer

Generates optimized pairwise test suites by analyzing requirements and code logic using the PICT methodology.

.NET Code Security & Quality Analyzer

Performs automated static analysis, security audits, and dependency vulnerability scans for .NET projects.

Pipeline Data Validator

Ensures data integrity across the development lifecycle by validating JSON artifacts against strict Pydantic schemas.

Systematic Debugging

Enforces a rigorous four-phase debugging protocol to identify root causes and implement permanent fixes rather than superficial patches.