Security & Testing Agent Skills

Automated Test Fixing

Systematically identifies and resolves failing tests using intelligent error grouping and prioritized fixing strategies.

Roadmap Discovery

Automates comprehensive codebase audits to identify technical debt, security risks, and performance bottlenecks across multiple domains.

STRIDE Threat Modeling Assistant

Generates comprehensive STRIDE-based threat models and security requirements to identify and mitigate risks during software design.

QA Auditor

Conducts professional-grade web application quality assurance audits with comprehensive HTML reporting and automated metric scoring.

Realistic Test Data Generator

Generates high-quality, production-like datasets and custom schemas to accelerate software testing and database population.

Markdown E2E Testing

Executes end-to-end tests written in plain English markdown using Playwright and Claude's intent-based element recognition.

Trivy Security Scan

Scans containers and dependencies for vulnerabilities using Trivy to ensure production-ready security compliance.

OpenCode Bug Fix Assistant

Streamlines bug fixing workflows by preventing regressions, managing large logs via memory, and ensuring minimal code diffs.

Rails Testing

Guides developers through writing, debugging, and organizing comprehensive test suites for Ruby on Rails applications using RSpec or Minitest.

Rails Security Expert

Hardens Ruby on Rails applications by implementing industry-standard authentication, authorization, and vulnerability protections.

Chrome Extension Security Expert

Implements robust security patterns and Manifest V3 best practices for Chrome extension development.

Verification Before Completion

Enforces a strict evidence-first workflow by requiring fresh verification evidence before any completion claims are made.

Systematic Debugging

Implements a rigorous four-phase workflow to identify root causes and eliminate bugs without introducing new regressions.

Antifragility Systems Design

Implements resilient architectures and mental models that allow systems to thrive under volatility and gain strength from stressors.

API Security Best Practices

Implements industry-standard security patterns and protection strategies for REST, GraphQL, and WebSocket APIs.

Fault Tree Analysis

Performs top-down deductive root cause analysis to identify system vulnerabilities and failure paths using Boolean logic.

Security Path Authorization

Manages a persistent allowlist to bypass security checks for specific files and directories during tool execution.

Fail-Safe System Design

Implements robust fail-safe engineering principles to ensure systems automatically transition to a secure state during malfunctions or errors.

Property-Based Testing

Implements robust testing strategies by defining universal software properties and automatically generating diverse input sets to uncover hidden edge cases.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is validated by failing tests before implementation.

Scenario-Based Assessment

Performs structured evaluations of specific threat scenarios to drive proactive risk mitigation and contingency planning.

Stress Testing & Reliability Patterns

Identifies system breaking points and failure modes by simulating extreme operating conditions and resource starvation.

Test-Driven Development (TDD)

Implements the Red-Green-Refactor cycle to ensure code reliability and high test coverage from the start.

Grim Repo Auditor

Performs brutal, hyper-critical audits of code repositories to identify flaws and technical debt before public release.

Behavior-Driven Development (BDD) Patterns

Bridges the communication gap between technical and business stakeholders by implementing Given-When-Then scenarios in plain language.

Lev Project Alignment Validator

Validates project work against architectural gates and specification invariants to ensure strict alignment with system requirements.

Security Review Expert

Audits source code for security vulnerabilities and enforces production-grade safety standards across the development lifecycle.

Debug Specialist

Identifies root causes of software bugs and provides robust fixes through systematic log analysis and scientific troubleshooting.

Critical Thinking & Self-Skepticism

Enforces a rigorous, self-skeptical development mindset focused on technical accuracy and red-teaming assumptions.

Anti-Reversing & Software Protection Analysis

Identifies and bypasses anti-debugging, obfuscation, and software protection mechanisms during authorized security analysis and malware research.