Security & Testing Agent Skills

Debugging Strategies

Implements systematic debugging techniques and root cause analysis to resolve complex software bugs and performance issues across various technology stacks.

JavaScript Testing Patterns

Implements comprehensive testing strategies using Jest, Vitest, and Testing Library for robust JavaScript and TypeScript application development.

PCI Compliance

Implements PCI DSS security standards for the secure handling, storage, and transmission of payment card data.

Auth Implementation Patterns

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

Error Handling Patterns

Implements resilient software patterns across multiple programming languages including exceptions, result types, and graceful degradation.

GDPR Data Handling

Implements GDPR-compliant data processing workflows, including consent management, data subject rights, and privacy-by-design architectures.

STRIDE Threat Modeling Analysis

Identifies system vulnerabilities and security threats using the STRIDE methodology to strengthen architectural design and documentation.

Threat Mitigation Mapping

Maps identified security threats to specific controls and mitigations to facilitate effective risk treatment and security architecture planning.

ShellCheck Configuration

Optimizes shell script quality and portability using comprehensive static analysis and configuration patterns.

DeFi Protocol Templates

Build secure, production-grade decentralized finance applications using standardized templates for staking, lending, and liquidity pools.

WCAG Audit Patterns

Conducts comprehensive WCAG 2.2 accessibility audits and provides actionable remediation strategies for web content.

Data Quality Frameworks

Implements production-grade data validation using Great Expectations, dbt tests, and data contracts to ensure reliable and trustworthy data pipelines.

Memory Safety Patterns

Implements cross-language memory management techniques like RAII and ownership to prevent leaks, data races, and memory bugs in systems programming.

Kubernetes Security Policies

Secures Kubernetes clusters by implementing network isolation policies, pod security standards, and least-privilege RBAC configurations.

Bats Testing Patterns

Implements comprehensive unit testing for shell scripts using the Bash Automated Testing System (Bats) framework.

SAST Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection and enforce security standards across the development lifecycle.

Solidity Security

Implements secure smart contract development patterns and identifies critical vulnerabilities in Solidity code to ensure robust blockchain applications.

Code Review Excellence

Enhances the code review process through structured feedback frameworks, systematic analysis phases, and language-specific security and performance checklists.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, and mocking for robust software verification.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress following industry-standard patterns and best practices.

Screen Reader Testing

Validates web application accessibility by providing comprehensive testing protocols and commands for major screen readers like VoiceOver, NVDA, and JAWS.

Temporal Python Testing

Implements robust testing strategies for Temporal workflows using pytest, time-skipping, and activity mocking to ensure reliability and determinism.

mTLS Configuration

Implements and manages mutual TLS for secure, zero-trust service-to-service communication within cloud-native environments.

Security Requirement Extraction

Transforms threat models and business context into actionable security requirements, user stories, and verifiable test specifications.

Secrets Management

Secures sensitive credentials and automates secret rotation across CI/CD pipelines and cloud environments.

Web3 Smart Contract Testing

Tests smart contracts comprehensively using Hardhat and Foundry frameworks with support for unit testing, mainnet forking, and fuzzing.

Web Application Testing

Automates the testing and interaction of local web applications using Playwright and managed server lifecycles.

TDD Red Phase Workflow

Generates intentional failing tests to define expected behavior and edge cases during the initial phase of Test-Driven Development.

Security Auditor & DevSecOps Expert

Conducts comprehensive security audits, vulnerability assessments, and compliance reviews to secure modern software development lifecycles and cloud infrastructure.

ShardingSphere Unit Test Generator

Generates standardized JUnit unit tests with 100% coverage targets for Apache ShardingSphere classes.