Security & Testing Agent Skills

CSRF Protection Validator

Validates web application security by identifying Cross-Site Request Forgery (CSRF) vulnerabilities and auditing protection mechanisms.

Database Test Manager

Automates the creation of robust database testing environments through data generation, transaction management, and schema validation.

Threat Modeling Status

Displays a comprehensive overview of security posture, including asset counts, threat distribution, and compliance coverage within Claude Code.

Security Audit Reporter

Generates comprehensive security audit reports and compliance assessments to identify system vulnerabilities and provide actionable remediation steps.

OWASP Compliance Checker

Scans codebases for web application security vulnerabilities based on the OWASP Top 10 standards to ensure production-ready security.

Security Incident Responder

Guides users through the complete security incident response lifecycle from initial triage and containment to forensic investigation and recovery.

Vulnerability Scanner

Performs automated security audits to detect code flaws, vulnerable dependencies, and insecure configurations within your project.

Claude Plugin Auditor

Automates security, compliance, and quality audits for Claude Code plugins to ensure they meet production standards.

Compliance Mapping Toolkit

Maps security threats and controls to major compliance frameworks like OWASP, SOC2, and PCI-DSS to generate audit-ready documentation.

XSS Vulnerability Scanner

Scans web applications for Cross-Site Scripting vulnerabilities and provides context-aware remediation guidance.

Security Risk Report Generator

Generates comprehensive, prioritized security risk reports and executive summaries from threat model data.

Security Control Verifier

Verifies the implementation of security controls within your codebase against documented threat models to identify gaps and ensure compliance.

Test Coverage Analyzer

Analyzes code coverage metrics to identify untested code paths and generate detailed quality reports.

Threat Modeling & Risk Analysis

Analyzes system threats using STRIDE or PASTA frameworks to generate comprehensive threat catalogs, attack trees, and risk registers.

Code Smell Detector & Refactor Guide

Analyzes source code to identify anti-patterns, complexity issues, and technical debt while providing senior-level refactoring advice.

Accessibility Test Scanner

Conducts comprehensive WCAG accessibility audits and ARIA validations to ensure web applications are inclusive and compliant.

Threat Model Initializer

Automates the creation of comprehensive threat models by analyzing architecture documentation and system components.

Threat Model Security Testing

Generates automated security test cases and attack scenarios directly from threat models to verify controls and prevent regressions.

Regression Test Tracker

Automates the identification, execution, and analysis of regression tests to prevent breaking changes and ensure code stability.

Configuration & Secrets Reviewer

Audits application configurations and secret management to ensure production safety, environment parity, and security compliance.

Claude Plugin Validator

Ensures Claude Code plugins meet structural, security, and marketplace standards through automated comprehensive validation.

Apex Ship & AI Code Review

Finalizes software tasks through multi-agent adversarial code reviews, automated git commits, and pattern-based learning.

Security Pattern Check

Identifies security vulnerabilities and anti-patterns to provide senior-level feedback on code safety and compliance.

Nitro & Nuxt 3 Testing Patterns

Streamlines testing for Nuxt 3 and Nitro applications using transactional PostgreSQL isolation and advanced component testing patterns.

Testing Implementation

Implements comprehensive test suites and quality assurance workflows using industry-standard frameworks and coverage targets.

Lighthouse Web Auditor

Audits web page quality including performance, accessibility, SEO, and best practices using the Lighthouse CLI.

Playwright CLI Expert

Automates end-to-end testing and browser workflows using the Playwright CLI to record, debug, and execute tests across multiple platforms.

mTLS Security Configuration

Configures mutual TLS (mTLS) for zero-trust service communication and automated certificate management across cloud-native environments.

Systematic Debugging

Implements a rigorous, evidence-based methodology for identifying root causes and resolving complex software bugs without guesswork.

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.