Security & Testing Agent Skills

Newman API Testing & Automation

Automates API testing workflows using Newman and Postman collections with robust environment management and reporting.

Solidity Smart Contract Patterns

Implements battle-tested Solidity design patterns and OpenZeppelin security standards for robust Ethereum smart contract development.

Cargo Startup Validator

Validates that Rust applications and daemons launch successfully without runtime errors or panics through automated execution testing.

Agent Performance Evaluation

Implements robust evaluation frameworks and multi-dimensional rubrics to measure the quality, accuracy, and efficiency of AI agent systems.

Mopro ZK Mobile Testing

Automates multi-level testing for Zero-Knowledge mobile applications, covering Rust logic, FFI bindings, and platform-specific UI components.

Audit Context Builder

Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.

Spec-to-Code Compliance Checker

Audits blockchain codebases against technical specifications and whitepapers to identify implementation gaps and logic divergences.

Test-Driven Development (TDD) Pro

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified production code through test-first implementation.

Firebase APK Security Scanner

Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, and authentication vulnerabilities.

Coverage Analysis for Fuzzing

Analyzes code execution during fuzzing to identify performance bottlenecks, magic value blockers, and areas for harness improvement.

API Security Best Practices

Implements robust API security patterns including authentication, authorization, and protection against common vulnerabilities like SQL injection and DDoS.

API Security Best Practices

Implements industry-standard security patterns for REST, GraphQL, and WebSocket APIs to prevent common vulnerabilities and data leaks.

Security Reviewer

Conducts systematic, high-confidence security audits to identify exploitable vulnerabilities like injection, XSS, and authentication flaws.

Token Integration Analyzer

Analyzes smart contract token implementations and integrations for security vulnerabilities and non-standard ERC20/ERC721 behaviors.

C++ TDD Workflow Manager

Enforces a rigorous Test-Driven Development (TDD) lifecycle for C++20 projects using Google Test, CMake, and coverage analysis.

Atheris Python Fuzzing

Implements coverage-guided fuzzing for Python code and C extensions to detect memory corruption and logic vulnerabilities.

IDOR Vulnerability Testing

Detects, exploits, and remediates Insecure Direct Object Reference (IDOR) vulnerabilities in web applications to prevent unauthorized data access.

Smart Contract Entry Point Analyzer

Analyzes smart contract codebases to identify and categorize state-changing entry points for security auditing and attack surface mapping.