Security & Testing Agent Skills

Critical Thinking & Self-Skepticism

Enforces a rigorous, self-skeptical development mindset focused on technical accuracy and red-teaming assumptions.

Secure HTTP Headers

Configures industry-standard HTTP security headers and cookie policies to protect web applications from common vulnerabilities.

Test Coverage Analysis

Analyzes code coverage reports and identifies critical testing gaps to improve software reliability across Python and JavaScript projects.

Anti-Reversing & Software Protection Analysis

Identifies and bypasses anti-debugging, obfuscation, and software protection mechanisms during authorized security analysis and malware research.

Test Coverage Analysis

Analyzes test coverage reports and identifies critical code gaps to improve software reliability in Python and JavaScript projects.

Advanced JS Mocking Patterns

Implements sophisticated JavaScript testing strategies for module isolation, timer manipulation, and mock lifecycle management.

Firebase Authentication Patterns

Implements secure Firebase Authentication flows including OAuth, session management, and protected routes for web applications.

Firestore Security Rules Generator

Generates robust, production-ready Firestore security rules with patterns for RBAC, multi-tenancy, and schema validation.

Clerk CI/CD & Auth Testing

Automates the setup of Clerk authentication within CI/CD pipelines using GitHub Actions and Playwright for robust end-to-end testing.

Infrastructure Integration Test Generator

Automates the creation of Java-based database integration tests for infrastructure layers using Maven Failsafe.

Python Code Review & Linting

Enhances Python code quality through automated Ruff linting, security vulnerability detection, and robust mypy type checking.

Pytest Modern Test Patterns

Implements standardized pytest structures including fixtures, parametrization, and the AAA pattern to build robust Python test suites.

Privacy & Consent Compliance

Implements privacy-first development patterns to ensure GDPR and CCPA compliance through automated consent management and data minimization.

QA Strategy & Quality Metrics

Guides the implementation of robust testing pyramids and software maintainability metrics to reduce technical debt and improve code health.

Playwright Test Generator

Generates production-ready Playwright E2E tests from natural language specifications using industry-standard best practices.

TypeScript Component Testing

Implements robust, accessible UI component tests using React Testing Library and modern TypeScript patterns.

Red/Blue Team Validator

Stress-tests decisions, strategies, and architectures through iterative adversarial Red/Blue team simulations to uncover and mitigate vulnerabilities.

Firebase Authentication Patterns

Implements secure Firebase Authentication flows including OAuth, session management, and server-side protected routes.

TypeScript Component Testing

Implements industry-standard Jest, Vitest, and React Testing Library patterns to ensure robust, accessible frontend components.

TRIZ Beforehand Cushioning

Implements proactive safety measures and emergency fail-safes to mitigate high-risk system failures.

MCP Protocol Compliance Testing

Validates Model Context Protocol (MCP) implementations for JSON-RPC 2.0 compliance, schema integrity, and async execution reliability.

TDD Workflow

Implements a rigorous Test-Driven Development cycle to ensure code quality and reliability through the Red-Green-Refactor pattern.

Access Control Patterns

Implements secure authorization logic by auditing and applying RBAC, ABAC, and IDOR prevention patterns.

FMEA Risk Analysis

Systematically identifies potential failure modes and prioritizes preventive actions using quantitative Risk Priority Numbers (RPN).

Security Patterns & PR Review

Performs automated security audits and PR reviews using advanced detection heuristics for vulnerabilities like SQLi, XSS, and hardcoded secrets.

Python Code Review & Linting

Automates Python code analysis to enforce security standards, fix anti-patterns, and maintain strict linting using Ruff and Mypy.

Authentication & Session Security

Secures applications by implementing JWT validation, OAuth2 flows, and robust session management patterns.

Security Testing

Hardens software applications by providing comprehensive security auditing, vulnerability scanning, and penetration testing guidance.

Pytest Modern Test Patterns

Implements high-quality Python testing suites using modern pytest structures, the AAA pattern, and advanced fixture management.

Advanced JS Mocking Patterns

Master complex testing scenarios in Jest and Vitest using advanced module mocking, spies, and temporal control techniques.