Security & Testing Agent Skills

Cosmos Vulnerability Scanner

Identifies consensus-critical vulnerabilities and security flaws in Cosmos SDK modules and CosmWasm smart contracts to prevent chain halts and fund loss.

Firebase APK Security Scanner

Audits Android APK files for Firebase security vulnerabilities and misconfigurations including exposed databases and storage buckets.

Subagent Quality Reviewer

Analyzes and optimizes Claude Code subagents based on industry best practices to ensure high-quality, reliable AI workflows.

Differential Security Review

Performs deep, security-focused differential analysis on code changes to identify risks, calculate blast radius, and prevent vulnerabilities.

CodeQL Security Analysis

Performs deep static analysis to identify security vulnerabilities, track data flow, and perform taint analysis across complex codebases.

Audit Context Builder

Facilitates ultra-granular, line-by-line architectural analysis to build comprehensive system context for security audits.

Token Integration & Security Analyzer

Performs deep security audits of smart contract tokens and protocol integrations using the Trail of Bits checklist and Slither analysis.

DWARF Debug Expert

Analyzes DWARF debug files and provides expert guidance on DWARF standards (v3-v5) for binary analysis and tool development.

Atheris Python Fuzzer

Performs coverage-guided fuzz testing for pure Python code and C extensions to detect memory corruption and complex logic errors.

Fuzzing Harness Development

Provides expert guidance and implementation patterns for creating high-performance, deterministic fuzzing harnesses across multiple programming languages.

Property-Based Testing Guide

Implements advanced property-based testing strategies to identify edge cases and ensure system invariants across multiple programming languages.

Solana Vulnerability Scanner

Scans Solana and Anchor programs for critical security vulnerabilities including arbitrary CPI, improper PDA validation, and missing signer checks.

Systematic Bug Fixer

Resolves complex end-to-end bugs by cross-referencing real-time code execution with architectural design documents.

OSS-Fuzz Integration

Streamlines the setup, local testing, and enrollment of open-source projects into the Google OSS-Fuzz continuous fuzzing infrastructure.

TypeScript Best Practices

Enforces high-quality coding standards and robust type safety for TypeScript, Node.js, and React projects.

HTML Injection Security Testing

Identifies and tests for HTML injection vulnerabilities to secure web applications against content manipulation and phishing attacks.

Structured Test Planning

Generates and manages modular test plans from implementation documents with integrated progress tracking and coverage guidelines.

Smart Test Selection

Optimizes development cycles by selecting the most efficient verification commands based on specific code changes.

Test Refactoring Specialist

Refactors test suites to improve maintainability, reduce duplication, and establish consistent testing patterns.

Security Requirement Extractor

Translates threat models and business context into actionable security requirements, user stories, and verifiable test cases.

Lutece RBAC Implementation

Implements secure Role-Based Access Control (RBAC) patterns for Lutece 8 plugins using standardized resource services and authorization checks.

JavaScript Testing Patterns

Implements comprehensive testing strategies using Jest and Vitest for robust JavaScript and TypeScript applications.

OpenShift E2E Test Generator

Automates the creation of end-to-end test artifacts for OpenShift operators through dynamic repository analysis and git diff tracking.

TDD Orchestration Workflow

Orchestrates a comprehensive Test-Driven Development (TDD) and Acceptance Test-Driven Development (ATDD) workflow using the Red-Green-Refactor cycle.

TDD Implementation Cycle

Implements production-ready code using rigorous TDD/ATDD principles and the Red-Green-Refactor cycle.

Secure Secrets Manager

Protects sensitive credentials and API keys by managing them securely through an encrypted vault and redacted command execution.

Test Design & TDD Architect

Designs comprehensive test suites and generates structured TDD specifications using a Top-Down approach to define software interfaces.

Pytest Profiling & Optimization

Diagnoses and speeds up slow Python test suites using systematic profiling and targeted optimization patterns.

SDLC Review

Validates code changes through automated testing, build verification, and AI-driven code reviews to ensure deployment readiness.

Pytest Baseline & Coverage Runner

Executes Pytest suites with comprehensive coverage analysis and baseline tracking to detect regressions and monitor testing trends.