Security & Testing Agent Skills

Container Security & Escape Expert

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

API Security Testing

Conducts comprehensive security audits and penetration tests on REST and GraphQL APIs to identify vulnerabilities like IDOR, injection, and authorization flaws.

Linux Privilege Escalation

Identifies and exploits Linux privilege escalation vectors including SUID binaries, sudo misconfigurations, and kernel vulnerabilities.

Password Attacks & Credential Cracking

Conducts professional password hash cracking, credential spraying, and authentication brute-force attacks using industry-standard tools.

Windows Privilege Escalation Expert

Provides expert guidance and automated command patterns for escalating privileges on Windows systems during security audits.

Network Service Enumeration

Performs professional-grade discovery, enumeration, and security assessment of network services and database protocols.

Ask Oracle

Leverages advanced reasoning models and large-capacity context windows to solve complex architectural challenges and deep-seated codebase issues.

Bats Testing Patterns

Provides comprehensive guidance and implementation patterns for testing shell scripts using the Bash Automated Testing System (Bats).

Root Cause Tracing

Systematically identifies the original source of bugs by tracing invalid data backward through complex execution stacks.

TDD Failure Recovery

Recovers from unexpected test behaviors and TDD cycle issues using standardized rollback and diagnostic protocols.

PII Redaction Enforcer

Automatically redacts sensitive personal data from logs and outputs to ensure regulatory compliance and data privacy.

Pytest Pattern Enforcer

Enforces standardized pytest best practices including advanced fixtures, mocking strategies, and async test patterns.

AI Security & LLM Guardrails

Secures LLM applications by implementing prompt injection detection, PII redaction, and output content filtering.

Bats Testing Patterns

Provides comprehensive patterns and best practices for writing automated shell script tests using the Bats framework.

STRIDE Threat Model Generator

Generates comprehensive STRIDE-based threat models with automated risk scoring and actionable mitigation strategies.

Hook Simulator

Tests and validates Betty Framework hook manifests to ensure correct trigger logic and command execution before deployment.

Hook Register

Validates and registers version-controlled hook manifests to automate governance and enforcement within the Betty infrastructure.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is verified by failing tests before implementation.

Playwright Page Object Builder

Generates maintainable TypeScript Page Object Models (POMs) for Playwright using best-practice data-testid locators.

Playwright Test Debugger

Debugs and resolves failing Playwright end-to-end tests by analyzing error logs, trace files, and screenshots.

Playwright Test Generator

Generates production-ready Playwright E2E tests from natural language specifications using industry-standard best practices.

Playwright Test Maintainer

Optimizes and maintains Playwright end-to-end test suites through refactoring, locator updates, and stability improvements.

Clerk Middleware Protection

Implements secure route guards and authorization patterns using Clerk middleware for Next.js applications.

Clerk OAuth Provider Setup

Streamlines the configuration and testing of 19+ OAuth authentication providers for Clerk-powered applications.

Supabase Auth Configuration

Streamlines the setup and configuration of Supabase authentication providers, JWT settings, and secure PKCE authentication flows.

Clerk Auth Components

Simplifies the integration and customization of Clerk authentication interfaces using pre-built templates and advanced theming patterns.

Clerk Session Management

Streamlines Clerk authentication workflows including JWT verification, custom claims configuration, and multi-session management.

Vercel AI SDK Testing Patterns

Provides robust testing templates and mock provider implementations for Vercel AI SDK applications to ensure reliable AI integration.

Clerk Auth Testing & Validation

Validates Clerk authentication setups and automates security audits, E2E testing, and unit test generation for robust user identity management.

Clerk Organization Management

Implements multi-tenant SaaS features and role-based access control (RBAC) using Clerk.