Security & Testing Agent Skills

Deliberation & Red Teaming

Conducts structured adversarial reviews to challenge assumptions and identify hidden vulnerabilities in plans or architectures.

Auth Patterns

Implements secure authentication and authorization patterns using modern industry standards.

Vaadin Karibu Test Writer

Generates robust, browserless Karibu unit tests for Vaadin views to ensure server-side UI logic integrity.

TDD Methodology Expert

Enforces strict Test-Driven Development cycles to ensure high code quality and comprehensive test coverage.

Vaadin Playwright Tester

Generates robust Playwright integration tests for Vaadin views to ensure UI reliability in real browser environments.

Browser Performance Benchmarking

Benchmarks Zig-based WHATWG Stream implementations against browser engines to ensure high-performance compatibility and functional parity.

Rule Validation

Validates the syntax and structural integrity of agent skills and commands to ensure error-free execution.

Minitest Coder

Writes idiomatic and comprehensive Minitest tests for Ruby on Rails applications.

TDD Workflow

Implements features and fixes bugs using the disciplined Red-Green-Refactor cycle of Test-Driven Development (TDD).

Performance Testing Standards

Establishes production-grade performance testing protocols including load, stress, and soak testing using industry-standard tools like k6 and JMeter.

WordPress PHPStan Analysis

Streamlines the setup, configuration, and resolution of PHPStan static analysis errors within WordPress plugins and themes.

Salesforce Connected Apps & Security Architect

Automates the creation, management, and security validation of Salesforce Connected Apps and External Client Apps with specialized OAuth configurations.

Plugin Validator

Ensures Claude Code marketplace plugins are robust by validating directory structures, manifest files, and preventing silent failures in hook scripts.

Testcontainers for Go

Automates the setup and management of Docker-based integration tests for Go applications using pre-configured modules and best practices.

Bug & Logic Auditor

Audits source code for logical errors, race conditions, and edge cases to ensure robust error handling and stability.

License Checker

Evaluates Python package licenses for redistribution compatibility using the SPDX database to ensure enterprise compliance.

Authorization Security

Implements production-grade authorization standards including RBAC, ABAC, and NIST 800-53 compliance for secure access control.

Binary Reverse Engineering Toolkit

Analyzes binaries, executables, and bytecode using a structured methodology to uncover functionality and internal logic.

Ethics, Safety & Impact Assessment

Conducts systematic evaluations of potential harms, benefits, and fairness concerns to ensure responsible and equitable outcomes in product and policy decisions.

Code Testability Reviewer

Audits codebases for testability design patterns and identifies business logic entangled with side effects.

Security Scanning

Automates vulnerability detection across codebases, dependencies, and secrets using industry-standard security tools.

Dependency Mocking

Streamlines the creation of temporary, well-documented mock implementations for unimplemented dependencies to unblock development workflows.

Salesforce Apex Expert

Generates and reviews production-ready Salesforce Apex code using 2025 best practices and a rigorous 150-point quality scoring system.

Security Reviewer

Conducts comprehensive security audits, threat modeling, and compliance verification to harden software against vulnerabilities.

Security Workflow Integration

Transforms security scan findings into actionable, prioritized backlog tasks with automated acceptance criteria and workflow integration.

QA Validator & Test Strategist

Implements rigorous quality assurance strategies, test plans, and acceptance criteria validation for high-reliability software development.

Valid Skill

Enforces standardized software development practices and testing protocols to ensure production-grade code quality.

License Finder

Deterministically identifies license information for Python packages by analyzing PyPI metadata and scanning source repositories.

Have I Been Pwned Security Integration

Integrates the Have I Been Pwned API to check for compromised accounts, passwords, and data breaches within security workflows.

Source Finder

Locates and validates source code repositories for Python packages using PyPI metadata and web search.