Security & Testing Agent Skills

SQLMap Database Pentesting

Automates SQL injection vulnerability detection and database exploitation using the industry-standard SQLMap penetration testing framework.

Test-Driven Development (TDD) Workflow

Implements a disciplined Red-Green-Refactor cycle to ensure code quality through test-first development principles.

Clerk Authentication

Implements secure Clerk authentication patterns, middleware, and user management for Next.js applications.

Red Team Methodology & Tools

Automates security reconnaissance, vulnerability discovery, and bug bounty hunting using industry-standard red team workflows and toolsets.

Kubernetes Security Policies

Implements production-grade Kubernetes security including NetworkPolicies, RBAC, and Pod Security Standards.

Bats Testing Patterns

Provides comprehensive patterns and guidance for writing automated unit tests for shell scripts using the Bats framework.

Bats Testing Patterns

Implements comprehensive automated testing for shell scripts using the Bash Automated Testing System (Bats) framework.

SAST Security Configuration

Automates the setup and optimization of static analysis security tools to detect vulnerabilities early in the development lifecycle.

Hookify Rule Architect

Streamlines the creation and configuration of custom safety and quality rules for Claude Code using the Hookify framework.

Authentication & Authorization Patterns

Implements secure access control systems using JWT, OAuth2, RBAC, and session management patterns.

Debugging Strategies

Master systematic debugging techniques and root cause analysis to efficiently track down bugs across any technology stack.

Authentication & Authorization Patterns

Implements robust security systems using modern patterns like JWT, OAuth2, session management, and role-based access control.

Secrets Management

Implements secure storage, automated rotation, and least-privilege access for credentials and sensitive data across CI/CD pipelines.

Verification & Quality Assurance

Ensures codebase reliability and agent output quality through automated truth scoring, security verification, and git-powered rollbacks.

Secure Secrets Management

Implements robust secrets management workflows and security best practices for CI/CD pipelines and cloud environments.

Smart Contract Generator

Generates secure, production-ready Solidity smart contracts using OpenZeppelin standards and industry best practices.

Systematic Debugging

Enforces a rigorous, four-phase root cause investigation process to eliminate guesswork and ensure robust, permanent bug fixes.

Verification Before Completion

Enforces a mandatory evidence-first protocol requiring successful command execution before any task is claimed as complete.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, verified code production through test-first implementation.

Tmux Plugin Testing

Streamlines the testing of Claude Code plugins and hooks by running isolated, automated sessions within tmux.

RSpec Spec Organization

Optimizes RSpec test suites by providing standardized patterns for shared examples, contexts, tagging, and structured directory layouts.

RSpec Rails Testing

Streamlines the creation of comprehensive RSpec test suites for Ruby on Rails applications using modern best practices.

Factory Bot for RSpec

Streamlines Ruby test data generation by providing standardized patterns for factories, traits, sequences, and associations.

RSpec Matchers

Provides expert guidance on Ruby testing assertions, expectations, and the creation of custom RSpec matchers.

OpenSpec Change Verifier

Validates code implementations against specifications, tasks, and design documents to ensure complete and correct software delivery.

Test Refactoring Expert

Optimizes and restructures test suites to improve maintainability, reduce duplication, and establish consistent testing patterns.

Test Plan Architect

Generates structured, manageable test plans and tracks testing progress across development sessions.

GKE Runtime Security

Enforces GKE workload security through Pod Security Standards, admission controllers, and real-time behavioral monitoring with Falco.

Secure Credential Storage

Implements secure patterns for managing and rotating GitHub App credentials across diverse CI/CD and infrastructure environments.

Kubernetes RBAC Security Templates

Secures Kubernetes clusters by enforcing OPA-based RBAC policies that prevent privilege escalation and wildcard permissions.