Security & Testing Agent Skills

Input Validation & Sanitization

Implements secure input validation and sanitization patterns using Zod and Pydantic to prevent injection attacks and ensure data integrity.

Security Scanning

Automates vulnerability detection for dependencies, source code, and containers using industry-standard security tools.

Integration Testing Patterns

Implements robust integration testing patterns for APIs, databases, and complex component interactions across modern tech stacks.

MSW API Mocking

Intercepts and mocks network requests using Mock Service Worker 2.x to create deterministic frontend tests for REST, GraphQL, and WebSockets.

AI & LLM Testing Patterns

Implements deterministic testing patterns for AI applications using DeepEval, RAGAS, and advanced mocking strategies.

Golden Dataset Curator

Curates and validates high-quality documents for golden datasets using a multi-agent evaluation workflow.

Evidence Verification

Verifies development tasks and code changes by collecting verifiable proof including test results, build outputs, and exit codes.

Prow Job Test Failure Analyzer

Streamlines CI/CD debugging by automatically analyzing Prow test failures through log inspection, artifact scanning, and cluster event correlation.

VCR.py HTTP Recording

Records and replays HTTP interactions for Python tests to create deterministic, network-independent, and cost-effective test environments.

Modern Authentication Patterns

Implements production-ready authentication and authorization workflows using modern security standards like OAuth 2.1, Passkeys, and Argon2id.

Security Audit & OWASP Compliance

Performs deep security analysis of codebases to identify vulnerabilities, OWASP Top 10 risks, and insecure architectural patterns.

Litestar Vite Testing

Streamlines the creation of high-quality unit and integration tests for Litestar-Vite integrations using pytest and Vitest.

Extension Debugger

Debugs and resolves issues within Chrome and Firefox extensions by inspecting content scripts, popups, and service workers.

Quality Gates

Automates repository quality checks including linting, multi-browser builds, and E2E testing for browser extensions.

Code Reviewer & Security Auditor

Conducts comprehensive code reviews focusing on security vulnerabilities, performance bottlenecks, and architectural best practices.

Gateflow SystemVerilog Lint

Lints SystemVerilog code using Verilator to identify design errors, warnings, and performance bottlenecks with structured feedback.

Playwright E2E Debugger

Debugs and fixes Playwright end-to-end tests for browser extensions while minimizing flakiness in dynamic environments.

SystemVerilog Testbench Best Practices

Implements professional-grade SystemVerilog verification patterns and layered testbench architectures for robust RTL validation.

GateFlow Verilator Lint Summary

Simplifies SystemVerilog development by converting complex Verilator lint and simulation outputs into actionable, readable reports.

GF Sim (SystemVerilog Simulator)

Compiles and executes SystemVerilog simulations using Verilator with automated file classification and structured result reporting.

Performance Testing

Validates system performance and identifies architectural bottlenecks using industry-standard load and stress testing patterns.

ArifOS Web Search Grounding

Verifies AI-generated claims against authoritative external sources using a multi-tier constitutional consensus framework.

Shadow Testing

Creates isolated container environments to test local, uncommitted code changes across multiple repositories before pushing to CI.

Playwright E2E Testing

Automates robust end-to-end testing using Playwright 1.57+ with AI-assisted test generation and self-healing capabilities.

Chaos Engineering & Resilience

Implements controlled failure injection and resilience validation to ensure distributed systems handle real-world disruptions gracefully.

Professional Code Review & Security

Automates comprehensive code reviews focusing on security, React 19 patterns, and TypeScript performance optimization.

CISO & Product Manager

Provides strategic security guidance and product vision to ensure development aligns with risk management and user safety goals.

Fix Validation Protocol

Implements a scientific validation workflow to ensure code fixes are verified through empirical observation and evidence rather than assumptions.

Test Failure Analyzer

Debugs and classifies failing test cases to determine if they indicate genuine implementation bugs or incorrect test expectations.

Claude Code Permissions Manager

Manages and configures granular access controls, tool approval rules, and security sandboxing for Claude Code environments.