Security & Testing Agent Skills

API Security Fuzzing & Bug Bounty Toolkit

Conducts comprehensive security assessments and fuzzing on REST, GraphQL, and SOAP APIs to identify vulnerabilities like IDOR, injection, and authentication bypasses.

Systematic Debugging

Implements a rigorous four-phase methodology to identify root causes and resolve technical issues without trial-and-error thrashing.

Burp Suite Web Security Testing

Performs comprehensive web application security audits by intercepting HTTP traffic, modifying requests, and identifying vulnerabilities using Burp Suite.

Burp Suite Web Security Testing

Conducts comprehensive web application security testing using Burp Suite for traffic interception, manual exploitation, and automated vulnerability scanning.

API Security Best Practices

Implements industry-standard security patterns for REST, GraphQL, and WebSocket APIs to prevent common vulnerabilities and data leaks.

Network Services & Pen-Test Lab Setup

Configures and tests network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing environments.

Systematic Debugging

Enforces a rigorous four-phase protocol to identify root causes and implement verified fixes for complex software bugs.

Testing Patterns & TDD Utilities

Implements robust Jest testing patterns, factory functions, and TDD workflows to ensure high-quality, maintainable codebases.

SQL Injection Security Testing

Performs comprehensive SQL injection vulnerability assessments to identify, exploit, and remediate database security flaws in web applications.

Security Scanning Tools

Automates and guides security vulnerability assessments, network discovery, and compliance auditing using industry-standard tools.

Pentest Commands Reference

Provides a comprehensive command library for penetration testing tools including Nmap, Metasploit, and SQLMap.

SSH Penetration Testing

Conducts comprehensive SSH security assessments including enumeration, credential attacks, and vulnerability exploitation for hardened network environments.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to detect, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

XSS & HTML Injection Security Testing

Identifies and exploits Cross-Site Scripting (XSS) and HTML injection vulnerabilities using advanced detection and bypass techniques.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments using industry-standard tools for networks, web apps, and cloud infrastructure.

API Security & Bug Bounty Fuzzing

Conducts comprehensive security assessments and fuzzing on REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR, SQL injection, and authentication bypasses.

Privilege Escalation Methods

Provides comprehensive techniques and commands for escalating user privileges on compromised Linux and Windows systems.

Ethical Hacking Methodology

Provides a comprehensive framework for the full penetration testing lifecycle, including reconnaissance, scanning, exploitation, and professional reporting.

Web Application Testing Toolkit

Automates end-to-end web application testing using Playwright with integrated server lifecycle management.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright with a focus on maintainability and reliability.

BayesFlow Testing Patterns

Standardizes and automates the creation of robust test suites for BayesFlow extension packages using Pytest and Keras 3.

Gemini Peer Review

Consults Google Gemini via CLI to provide multi-model perspectives on code reviews, architecture, and security audits.

Implementation Verifier

Audits code implementations against predefined plan files to ensure full execution and compliance with project requirements.

Claims-Based Authorization

Manages granular, claims-based permissions for secure multi-agent coordination and resource access control.

C++ Testing with GoogleTest

Streamlines C++ testing workflows using GoogleTest, GoogleMock, and CMake to ensure robust, memory-safe code.

Security Architect & CVE Remediation

Conducts comprehensive security overhauls, threat modeling, and vulnerability remediation to establish secure-by-default software architectures.

Django TDD & Testing

Implements comprehensive test-driven development workflows for Django applications and REST APIs using pytest and factory_boy.

Security Audit & Vulnerability Scanner

Performs comprehensive security scanning and vulnerability detection to ensure codebase integrity and protection against common threats.

Playwright E2E Testing Patterns

Implements stable and maintainable end-to-end testing suites using Playwright patterns and Page Object Model architectures.

Consensus Security Manager

Implements robust security protocols for distributed systems including cryptographic verification, threat detection, and key management.