Security & Testing Agent Skills

Gherkin BDD Converter

Converts between Gherkin/BDD scenarios and various specification formats like EARS, canonical markdown, or inline acceptance criteria.

Vendor Due Diligence Framework

Assesses IT service providers and technology vendors through structured risk evaluations and regulatory compliance checklists.

Business Logic Test Auditor

Audits test suites to identify and remove redundant tests that validate third-party framework behavior instead of proprietary business logic.

Story Quality Gate

Orchestrates comprehensive multi-pass quality checks for software stories to ensure production-ready code delivery.

Code Quality Auditor

Audits codebase complexity, algorithmic efficiency, and constant management to ensure high-performance, maintainable code.

Test Planning Orchestrator

Orchestrates a comprehensive test planning pipeline by coordinating research, manual testing, and automated test generation.

Build Health Auditor

Audits codebase build health by identifying compiler errors, linter violations, deprecations, and test failures across multiple tech stacks.

Dependency Security Audit

Audits project dependencies for security vulnerabilities across multiple programming ecosystems using CVSS-based classification.

Security Infrastructure Coordinator

Orchestrates automated security scanning for secrets and dependencies while generating standardized security infrastructure for any project.

Manual Test Suite Generator

Generates and executes persistent bash-based manual test suites to verify Story Acceptance Criteria and API endpoints.

Secret Scanner for Claude Code

Scans codebases for hardcoded secrets and credentials while providing automated severity classification and remediation guidance.

Automated Risk-Based Test Planner

Generates comprehensive, risk-prioritized automated test plans for E2E, integration, and unit testing based on manual results.

Chaos Engineering Planner

Designs robust chaos engineering experiments and GameDay plans to identify system failure modes and improve resilience.

AI Test Researcher & Edge Case Discovery

Researches real-world problems and competitor solutions to identify critical edge cases before the test planning phase.

Test Isolation & Anti-Patterns Auditor

Audits test suites for isolation violations, determinism issues, and architectural anti-patterns to ensure reliable CI/CD pipelines.

Code Review & QA Assistant

Streamlines pull request reviews by performing comprehensive architectural analysis and generating structured manual QA test plans.

Spring Security Master

Implements robust authentication and authorization mechanisms in Spring applications using industry-standard security protocols.

Cypress Testing Expert

Streamlines web application testing by providing comprehensive implementation patterns for Cypress end-to-end and component test suites.

Detox Mobile Testing

Facilitates the implementation of end-to-end testing for React Native applications using the Detox framework.

Test Writer

Generates comprehensive unit, integration, and end-to-end tests across multiple frameworks to ensure code quality and system reliability.

Pytest Testing Expert

Automates the creation and optimization of robust Python test suites using the pytest framework.

Web Application Testing Suite

Automates local web application testing and browser interaction using Playwright and managed server lifecycles.

Vitest Expert

Streamlines testing workflows by providing comprehensive guidance for the Vitest framework, including configuration, component testing, and mocking.

STRIDE Threat Modeling

Identifies and mitigates system vulnerabilities using the STRIDE methodology to ensure robust software security.

SonarQube Quality Analysis

Automates SonarQube analysis via Docker to identify technical debt, security vulnerabilities, and code smells in your codebase.

JUnit Java Testing

Facilitates professional Java unit testing by providing expert guidance on annotations, assertions, and test lifecycle management.

Salesforce Permission Analyzer

Analyzes, visualizes, and audits Salesforce Permission Sets and Permission Set Groups to determine granular user access levels.

Web App Testing Toolkit

Automates and validates local web applications using Playwright scripts with integrated server lifecycle management.

Test Writer Agent

Generates comprehensive unit, integration, and end-to-end tests across various frameworks to ensure code reliability and high coverage.

Jest Testing Framework

Streamlines unit and integration testing by providing expert guidance on Jest matchers, mocking, snapshots, and project configuration.