Security & Testing Agent Skills

SaaS Compliance Frameworks

Implements security controls and regulatory patterns for SOC 2, GDPR, HIPAA, and other SaaS compliance frameworks.

Validation-First Development

Implements formal specification-driven development using Quint to model state machines and verify system invariants before writing implementation code.

Zero Trust Architecture

Implements zero-trust security principles including ZTNA, micro-segmentation, and identity-first access for cloud-native applications.

CodeQL Security Analysis

Interprets CodeQL SARIF outputs to identify, validate, and remediate complex security vulnerabilities through deep semantic dataflow analysis.

Security Reviewer

Performs comprehensive security audits, threat modeling, and SLSA compliance checks to ensure production-grade software security.

Test Pyramid Design

Architects optimized test distribution strategies and identifies testing anti-patterns to ensure fast, reliable development pipelines.

Testing Strategy Framework

Implements comprehensive software testing architectures using TDD methodology, the test pyramid, and automated validation patterns.

Test-Driven Development

Implements the eXtreme Programming Red-Green-Refactor workflow to ensure code correctness and maintainability across multiple programming languages.

Fail2Ban SWAG Manager

Manages Fail2Ban intrusion prevention within SWAG reverse proxy containers to secure homelab infrastructure and web services.

Systematic Debugging Framework

Resolves complex technical issues using a rigorous four-phase methodology focused on root-cause identification rather than quick fixes.

PopKit Validation Engine

Validates Claude Code plugin integrity and applies safe automatic fixes for structure, agents, and skill configurations.

PopKit Architecture Assessment

Evaluates software architecture and code quality through automated metrics, SOLID principle validation, and technical debt reporting.

Hardened Outline-Driven Development

Orchestrates multi-layer validation pipelines across proofs, specifications, types, contracts, and tests to ensure rigorous software correctness.

PopKit Plugin Test Runner

Validates PopKit plugin integrity by executing modular test suites for agents, hooks, and skills within the Claude Code environment.

PopKit Security Assessment

Automates security audits for Claude Code plugins using vulnerability patterns, secret scanning, and OWASP-aligned checklists.

Debugging Strategies

Master systematic debugging techniques and root cause analysis to efficiently resolve bugs across any codebase or technology stack.

Secrets Management for CI/CD

Implements secure storage, rotation, and retrieval of sensitive credentials across major CI/CD platforms and cloud providers.

Auth Implementation Patterns

Implements secure, scalable authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

Hookify Rule Architect

Simplifies the creation and management of Hookify rules to monitor, warn, and block specific patterns in Claude Code workflows.

Debugging Methodology

Implements systematic, scientific processes to identify, reproduce, and resolve complex software defects and performance bottlenecks.

Secrets Management for CI/CD

Implements secure secrets management practices for CI/CD pipelines using tools like Vault, AWS Secrets Manager, and native platform solutions.

PopKit Anthropic Compliance Assessment

Validates PopKit plugins against official Claude Code patterns and Anthropic engineering standards through automated script-based checks.

Pop Sandbox Manager

Provides secure, ephemeral E2B sandboxes for isolated code execution and multi-agent swarm orchestration within Claude Code.

Proof-Driven Development

Verifies software correctness and safety properties through formal proof-driven development using the Lean 4 theorem prover.

Systematic Debugging Strategies

Implements methodical debugging techniques, profiling tools, and root cause analysis to resolve complex software issues across multiple programming languages.

Bitcoin Integration Auditor

Audits Bitcoin implementations for security risks and architectural gaps, automatically logging findings as prioritized GitHub issues.

Python Code Review Patterns

Identifies critical security vulnerabilities, performance anti-patterns, and framework-specific logic bugs during Python code reviews.

Vitest Testing Standards

Implements high-quality Vitest testing patterns and standards for robust JavaScript and TypeScript applications.

Lightning Issue Logger

Audits Lightning Network integrations and automatically creates structured, prioritized GitHub issues for discovered security and functional gaps.

Local Development Debugger

Investigates and resolves local development issues, runtime errors, and test failures using a strict test-driven protocol.