Security & Testing Agent Skills

Obsidian Automation

Automates and controls isolated Obsidian instances for plugin development, testing, and UI verification.

CSRF Protection Validator

Audits web application endpoints and cookie configurations to detect and remediate Cross-Site Request Forgery (CSRF) vulnerabilities.

Solidity Security & Smart Contract Audit

Implements industry-standard security patterns and vulnerability checks to build robust, exploit-resistant Solidity smart contracts.

Web3 Smart Contract Testing

Streamlines blockchain testing workflows using Hardhat and Foundry to ensure secure, gas-optimized, and production-ready Solidity smart contracts.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Bats Shell Testing Patterns

Implements comprehensive unit and integration tests for shell scripts using the Bash Automated Testing System (Bats) framework.

Access Control Auditor

Audits access control configurations to identify security vulnerabilities, misconfigurations, and privilege escalation risks in IAM policies and network ACLs.

STRIDE Threat Analysis Patterns

Systematically identifies security threats across six key categories to fortify application architecture and compliance documentation.

Website Review

Conducts comprehensive QA reviews of websites by automating visual inspection, error detection, accessibility audits, and performance testing.

Input Validation Scanner

Scans source code to detect and mitigate input validation vulnerabilities like SQL injection and XSS.

Admin Dashboard QA Workflow

Orchestrates a rigorous, multi-phase QA workflow for implementing, modifying, and fixing admin dashboard features.

Test Helper

Generates and runs integration tests for TypeScript/JavaScript applications using the Bun test runner.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure production code is always verified by failing tests first.

Debugging Strategies

Implements systematic troubleshooting techniques and profiling tools to identify and resolve complex software bugs across any technology stack.

E2E Testing Patterns

Implements robust end-to-end testing architectures using Playwright and Cypress to ensure application reliability and prevent regressions.

Security Headers Analyzer

Analyzes website HTTP security headers to identify vulnerabilities and provide actionable improvement recommendations.

Skill Evaluator

Evaluates the quality of agent skills using a comprehensive, rubric-based assessment.

Workscript Node Review

Reviews workscript node implementations for compliance with development blueprints, best practices, and metadata consistency.

Testing Guidelines

Enforces rigorous testing standards including strict assertions, minimal mocking, and clear naming conventions for high-quality test suites.

SEMO Integrated Quality Audit

Audits the entire SEMO monorepo for package quality, standards compliance, and structural inefficiencies.

E2E Playwright Diagnosis

Diagnoses and resolves End-to-End (E2E) test failures in Playwright using a systematic, tool-driven workflow.

TypeScript Expert

Applies expert-level guidelines to write, review, and refactor TypeScript code for maintainability, type safety, and performance.

Validation Checklist

Guides software projects through a standardized pre-delivery validation process for backend and frontend code.

Pre-Commit Validator

Automates pre-commit checks for TypeScript type safety, test execution, code coverage, and Git branch compliance.

Intelligent Bug Diagnosis & Fix

Diagnoses and resolves runtime errors by aligning source code with project contracts and architectural context.

Testing Workflow

Executes comprehensive test suites including unit, integration, E2E, and mutation tests to validate code changes and ensure quality.

Precommit Build Validator

Validates code changes by running precommit checks, automated builds, and battery-aware test suites.

Screen Reader Accessibility Testing

Validates web application accessibility by providing comprehensive guides and implementation patterns for screen reader testing across major platforms.

Session Security Checker

Audits and secures session management implementations within your codebase to prevent vulnerabilities like session fixation and hijacking.

Test Environment Manager

Orchestrates and manages isolated, reproducible test environments using Docker Compose and Testcontainers.