Security & Testing Agent Skills

Skill Testing with Subagents

Applies the RED-GREEN-REFACTOR cycle to process documentation to ensure AI agents follow instructions under high-pressure scenarios.

Condition-Based Waiting

Eliminates flaky tests and race conditions by replacing arbitrary timeouts with intelligent state-based condition polling.

Defense-in-Depth Validation

Implements multi-tiered data validation strategies to prevent deep execution failures and make software bugs structurally impossible.

Root Cause Tracing

Systematically traces bugs through the call stack to identify original triggers and implement long-term fixes.

Testing Anti-Patterns Guard

Eliminates common testing mistakes by enforcing strict TDD principles and preventing mock-related technical debt.

Systematic Debugging

Implements a rigorous four-phase framework to identify root causes and resolve complex technical issues without introducing regressions.

Parallel Agent Dispatcher

Accelerates debugging by dispatching multiple independent Claude agents to investigate and resolve concurrent system failures.

Cloud Penetration Testing

Conducts comprehensive security assessments and penetration tests across AWS, Azure, and Google Cloud Platform environments.

Verification Before Completion

Enforces rigorous, evidence-based verification before claiming any programming task or bug fix is complete.

Engineering Vibe Audit

Conducts a rigorous 20-metric technical audit to evaluate code quality, production readiness, and AI-generated slop.

AI Code Reviewer

Performs systematic code audits to identify security vulnerabilities, logic bugs, and maintainability issues with actionable feedback.

Story-Driven Acceptance Testing

Guides Product Owners through manual verification steps to validate features before they are merged into production.

Privilege Escalation Methods

Provides expert techniques and commands for escalating user privileges on compromised Linux and Windows systems.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to identify, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

XSS and HTML Injection Security Tester

Conducts comprehensive security assessments to identify and demonstrate cross-site scripting and HTML injection vulnerabilities in web applications.

Privilege Escalation Toolkit

Provides comprehensive methodologies and commands for elevating user privileges on Linux and Windows systems during security assessments.

Task Module Testing

Automates the planning, implementation, and verification of unit and integration tests across multiple programming domains.

Java Issue Triage Extension

Triages Java-related findings and static analysis issues during the finalization phase of the AI coding workflow.

Web Access Security & Permissions

Manages WebFetch permissions through security assessment patterns and trusted domain verification standards.

SonarQube Workflow Integration

Automates the retrieval, triage, and resolution of SonarQube issues within your development workflow.

Plugin Development Triage Extension

Streamlines the triage of marketplace plugin findings by providing decision-making guidelines for testing and validation errors.

Verification Mode for Plan Marshall

Enforces a strict verification protocol that halts execution on errors or workarounds to ensure reliable AI orchestration and root cause resolution.

CUI Java Testing Standards

Enforces standardized Java testing patterns using CUI libraries for reliable data generation and contract validation.

JUnit Core Testing

Standardizes Java unit testing using JUnit 5 with the Arrange-Act-Assert (AAA) pattern and strict coverage requirements.

Security Review Specialist

Conducts comprehensive security audits, threat modeling, and remediation guidance for software projects using standardized safety frameworks.

CUI JavaScript Unit Testing

Enforces standardized Jest unit testing patterns and coverage requirements for reliable JavaScript development.

Java Maintenance & Refactoring Standards

Streamlines Java code maintenance by enforcing prioritization frameworks, refactoring triggers, and compliance verification standards.

Java CDI & Quarkus Standards

Streamlines Quarkus development with CDI patterns, native image optimization, and standardized testing frameworks.

Permission Doctor

Diagnoses and audits Claude Code permission settings to identify security risks, syntax errors, and redundant configurations.

JUnit Integration Testing for Maven

Standardizes Maven integration testing by configuring the Failsafe plugin, naming conventions, and dedicated build profiles.