Security & Testing Agent Skills

Test-Driven Development (TDD)

Enforces strict Red-Green-Refactor cycles to ensure all production code is preceded by failing tests.

Threat Modeling Security Agent

Performs systematic security threat modeling and architectural risk assessments using the STRIDE methodology.

Async and Scheduled Unit Testing

Simplifies unit testing for Spring @Async and @Scheduled tasks using JUnit 5, Mockito, and Awaitility.

ISO 27001 Security & Compliance Manager

Implements ISO 27001 frameworks and cybersecurity risk assessments specifically tailored for HealthTech and MedTech organizations.

ShellCheck Configuration Expert

Optimizes shell script quality by configuring and implementing ShellCheck static analysis across development and CI/CD workflows.

Smart Test Fixing Assistant

Systematically identifies, groups, and resolves failing tests in your codebase using intelligent error analysis and prioritized fixing strategies.

Spring Cache Unit Testing

Validates Spring Cache annotations and behavior using JUnit 5 and Mockito to ensure efficient data retrieval and invalidation logic.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure high-quality code through mandatory test-first implementation.

Security Attack Tree Construction

Constructs systematic attack path visualizations to identify security vulnerabilities and prioritize defensive gaps.

JavaScript Unit Test Implementation

Automates the creation, configuration, and coverage analysis of Jest unit tests for JavaScript applications.

FDA Regulatory & HIPAA Consultant

Navigates complex FDA regulatory pathways, QSR compliance, and HIPAA requirements for medical device and healthcare software development.

Web Application Testing

Automates local web application testing and UI verification using specialized Playwright scripts and server management utilities.

GDPR & DSGVO Compliance Expert

Navigates complex data protection regulations by providing expert-level GDPR and German DSGVO compliance auditing, privacy impact assessments, and regulatory documentation.

REST Controller Unit Testing Skill

Streamlines Java REST controller testing by providing MockMvc patterns and best practices for isolated web layer validation.

ISMS Audit Expert

Facilitates professional ISO 27001 auditing, security control assessments, and ISMS compliance verification with expert-level guidance.

Web Application Testing Toolkit

Automates local web application testing and browser interactions using Playwright and managed server lifecycles.

Error Resolver

Diagnoses and resolves software errors across any language or framework using a systematic, first-principles analysis workflow.

Unit Test Security Authorization

Tests Spring Security authorization logic including role-based access control and method-level security annotations.

Defense-in-Depth Validation

Implements multi-layered validation strategies to prevent deep-execution failures and make bugs structurally impossible.

API Security Fuzzer

Automates REST API fuzz testing to identify security vulnerabilities, input validation failures, and unexpected edge cases.

Security Requirement Extractor

Transforms threat analysis and business contexts into actionable, testable security requirements and user stories.

Threat Mitigation Mapping

Connects identified security threats to specific technical and procedural controls to prioritize risk remediation and strengthen defense-in-depth strategies.

Kubernetes Security Policies

Implements defense-in-depth security for Kubernetes clusters through network isolation, RBAC, and pod security standards.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within development workflows.

Shell Script Testing with Bats

Automates shell script testing using the Bash Automated Testing System (Bats) to ensure robust, production-grade CLI utilities and scripts.

Security & Compliance Expert

Guides security professionals in architecting defense-in-depth systems and achieving compliance with industry frameworks like SOC2, ISO27001, and GDPR.

Senior SecOps

Strengthens application security and compliance through automated scanning, vulnerability assessment, and rigorous audit workflows.

QMR Senior Quality Manager

Governs MedTech and HealthTech quality management systems through strategic regulatory oversight and ISO 13485 compliance leadership.

Workflow Verifier

Validates AI-driven coding workflows using a hybrid system of automated scripts and LLM-as-judge assessments to ensure reliability.

Auth Implementation Patterns

Implements secure and scalable authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.