Security & Testing Agent Skills

Automated Testing & QA

Generates and runs comprehensive test suites with automated coverage reporting and documentation-backed best practices.

Verification & Quality Assurance

Ensures codebase reliability and agent output quality through automated truth scoring, security verification, and git-powered rollbacks.

Secure Secrets Management

Implements robust secrets management workflows and security best practices for CI/CD pipelines and cloud environments.

Secure Secrets Management

Implements secure credential handling and automated secret rotation for CI/CD pipelines and cloud environments.

Security Remediation Library

Provides a centralized index of security remediation guides to help developers fix injection, cryptography, authentication, and configuration vulnerabilities.

Scale Game Architect

Validates software architecture by simulating behavior at extreme scales to uncover hidden bottlenecks and production edge cases.

Authentication Management

Secures and manages authentication flows between Laravel Sanctum backends and Next.js frontends while preventing environment configuration leaks.

Secure Environment Protection Patterns

Implements robust deployment protection for GitHub Actions using environment approval gates, wait timers, and branch-specific policies.

Ideogram Enterprise RBAC

Configures enterprise-grade role-based access control and SSO integration for Ideogram services.

Input Validation & Injection Scanner

Automates the detection of input validation vulnerabilities and injection risks to harden application security.

Systematic Debugging

Enforces a rigorous, four-phase root cause investigation process to eliminate guesswork and ensure robust, permanent bug fixes.

Security & Compliance Checklist

Applies comprehensive security audits and OWASP-aligned checks to identify vulnerabilities in application code and architecture.

Condition-Based Waiting

Eliminates flaky tests by replacing arbitrary timeouts with condition polling to wait for actual state changes.

Bats Shell Testing Patterns

Automates shell script verification using the Bash Automated Testing System (Bats) framework for robust and portable scripts.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified code production through test-first implementation.

Dependency Upgrade Manager

Facilitates major version upgrades of software dependencies through compatibility analysis, staged rollouts, and rigorous testing.

Encryption & Security Auditor

Secures sensitive data through automated encryption, decryption, and comprehensive cryptographic practice validation.

E2E Testing Patterns

Implements reliable end-to-end testing suites using Playwright and Cypress to capture regressions and ensure application stability.

Systematic Debugging Strategies

Applies methodical debugging frameworks and root cause analysis to resolve complex software issues across diverse technology stacks.

Windsurf Code Privacy & Compliance

Manages code privacy settings and data retention policies to ensure regulatory compliance within Windsurf Enterprise environments.

Minitest for Rails

Streamlines the creation and management of Ruby on Rails tests using the default Minitest framework.

Python Testing Standards

Implements industry-leading Python testing patterns and TDD workflows using pytest and advanced mocking strategies.

Remediation: Injection Vulnerabilities

Provides actionable code patterns and best practices to fix SQL injection, command injection, and cross-site scripting (XSS) across multiple programming languages.

Python Dependency Updater

Maintains Python project health by auditing security vulnerabilities and managing version compatibility in pyproject.toml.

Pythonista Testing Pro

Implements rigorous Python testing standards using pytest, TDD workflows, and refactor-safe mocking patterns.

Pythonista Debugging & Root Cause Fixing

Eliminates technical debt by identifying and fixing the root causes of Python errors instead of implementing complex workarounds.

Granola Security Basics

Implements and audits security best practices for protecting sensitive Granola meeting data and ensuring enterprise-grade compliance.

Deepgram Data Compliance & Handling

Implements secure audio storage, PII redaction, and automated retention policies for Deepgram transcription workflows.

Verified Completion Gate

Enforces rigorous verification protocols by requiring fresh command evidence before any task is marked as complete or fixed.

Story-Driven TDD

Guides developers through the Test-Driven Development (TDD) inner loop to implement software features incrementally based on acceptance criteria.