Security & Testing Agent Skills

Code Review

Conducts systematic codebase audits to identify security vulnerabilities, performance bottlenecks, and code quality issues across multiple programming languages.

Auth Route Protection Checker

Audits and secures Next.js routes, server components, and API endpoints by identifying authentication gaps and generating robust protection logic.

Test Plan Generator

Generates intelligent, non-redundant test plans by analyzing code changes to ensure comprehensive coverage without over-testing.

Expert Debugger

Activates a methodical investigation protocol for complex issues using systematic hypothesis testing and rigorous evidence gathering.

SecLists Web-Shells

Provides a comprehensive library of web shell samples across multiple languages for security research and detection validation.

Playwright Testing

Builds reliable end-to-end and component tests using Playwright, TypeScript, and modern architectural patterns like the Page Object Model.

Code Review Checklist

Provides systematic guidelines and comprehensive checklists for conducting thorough code reviews across functionality, security, and performance standards.

Formal Specification Driven Development

Implements high-assurance software by verifying requirements through Idris2 formal specifications before generating production code in Python, Rust, or TypeScript.

SEMO Package Validator

Validates the structural integrity and rule compliance of SEMO framework packages and Sub-Agents.

Code Reviewer

Performs comprehensive multi-language code analysis to enforce industry best practices, identify security vulnerabilities, and optimize application performance.

Supabase Email Authentication

Automates the implementation of production-ready email and password authentication for Next.js applications using Supabase.

LimaCharlie Infrastructure as Code

Manages LimaCharlie security configurations as version-controlled code through automated exports, Git synchronization, and multi-organization deployment workflows.

LimaCharlie Expert

Provides comprehensive architectural guidance and routing for LimaCharlie SecOps tasks, including endpoint detection, cloud security monitoring, and automated response orchestration.

LimaCharlie Incident Responder

Executes comprehensive security incident response workflows including threat investigation, containment, and forensic evidence collection using LimaCharlie's capabilities.

Artifact Collector

Collects and manages forensic evidence from endpoints, including memory dumps, system logs, and network traffic, using the LimaCharlie security platform.

Config Hive Manager

Manages centralized configuration storage in LimaCharlie, including secrets, detection rules, YARA rules, and lookup tables.

Sandbox Test Runner

Executes interactive sandbox tests for Claude Code skills and commands in isolated environments to validate functionality and prevent regressions.

Auth & Security Code Reviewer

Performs deep security audits of authentication and authorization logic, ensuring compliance with OAuth 2.1, JWT standards, and MCP protocols.

SecLists Fuzzing & Security Payloads

Automates vulnerability discovery by providing curated fuzzing payloads for SQL injection, command injection, and NoSQL exploits.

Requirement Traceability Tagger

Automates the tagging of source code, tests, and commit messages with requirement IDs to ensure full traceability throughout the SDLC.

Safe TDD Refactor Specialist

Guides safe code improvements through a search-first workflow and rigorous Test-Driven Development (TDD) principles.

BDD Workflow Orchestrator

Automates the complete Behavior-Driven Development lifecycle from Gherkin scenario creation to requirement-traced implementation and refactoring.

Requirement Traceability Coverage Report

Generates comprehensive test coverage reports mapped to specific requirements to identify testing gaps and ensure quality compliance.

STDD Specification Architect

Standardizes the creation of SPEC.md files to ensure atomic, user-centric requirements for Spec-Test-Driven Development workflows.

Agent Evaluation Suite

Standardizes the creation and maintenance of evaluation suites for AI agents using structured rubrics and validation patterns.

Spec-Test-Driven Development

Enforces a rigorous specification-first workflow that ensures every feature is documented, tested, and verified before final implementation.

Test-Driven Development

Enforces a rigorous Red-Green-Refactor workflow to ensure high-quality, tested code through the Spec-Test-Driven Development process.

Authentication & Access Control

Implements secure user authentication and multi-tenant access control for Next.js 15 and Supabase applications using server-side patterns.

NuxtUI TDD Development

Implements Vue 3 components using NuxtUI through a strict test-driven development workflow involving Storybook interaction tests and automated TDD guardrails.

OpenWebF Remote Content Security

Audits and secures remote bundle loading and trust boundaries within WebF-based applications to prevent security vulnerabilities.