Security & Testing Agent Skills

Grey Haven LLM Evaluation

Systematizes LLM output evaluation using multi-dimensional rubrics, LLM-as-judge patterns, and statistical variance handling.

Consensus Voting

Executes domain-weighted multi-agent voting to validate critical decisions in security, authentication, and data architecture.

Compile CompCert

Provides comprehensive guidance for building the formally verified CompCert C compiler from source while managing strict dependency versions and memory constraints.

Systematic Debugging Framework

Enforces a rigorous four-phase scientific methodology to identify root causes and implement stable software fixes without guesswork.

Defense-in-Depth Validation

Implements multi-layered data validation across system boundaries to make software bugs structurally impossible.

PCI Security Compliance

Implements PCI DSS standards and secure payment card data handling practices to protect sensitive financial information.

Condition-Based Waiting

Eliminates flaky test behavior by replacing arbitrary timeouts with intelligent condition polling and state verification.

Web App Testing Toolkit

Automates end-to-end testing and browser interaction for local web applications using Playwright and specialized server lifecycle scripts.

Solidity Smart Contract Security

Implements robust security patterns and vulnerability prevention techniques for Solidity smart contracts.

Web3 Smart Contract Testing

Automates and optimizes smart contract testing using Hardhat and Foundry to ensure security and efficiency in blockchain development.

Automated Code Review Assistant

Dispatches a specialized subagent to analyze code implementations against requirements and catch bugs before they cascade.

Ffuf Web Fuzzing & Security

Performs high-speed web fuzzing and content discovery to identify hidden directories, subdomains, and security vulnerabilities.

DeFi Protocol Templates

Accelerates decentralized finance development with production-ready smart contract templates for staking, AMMs, governance, and lending.

Code Review Practices

Facilitates high-quality code reviews by providing actionable frameworks for identifying bugs, ensuring architectural consistency, and delivering constructive feedback.

Test-Driven Development (TDD) Workflow

Enforces a rigorous Red-Green-Refactor cycle to ensure every line of production code is verified by a failing test first.

Password Recovery

Recovers passwords and sensitive authentication data from disk images, corrupted files, and forensic scenarios using systematic analysis and specialized tools.

GCODE Text Extraction

Extracts and reconstructs text geometrically encoded within 3D printing or CNC toolpaths by analyzing movement coordinates and extrusion patterns.

Kubernetes Security Guardrails

Implements production-grade Kubernetes security policies including NetworkPolicy, RBAC, and Pod Security Standards to harden cluster infrastructure.

OpenSSL Certificate Generator

Generates and verifies self-signed SSL/TLS certificates, private keys, and combined PEM files using OpenSSL command-line tools.

FEAL Differential Cryptanalysis

Guides the implementation of differential cryptanalysis attacks to recover round keys from FEAL and similar Feistel-network block ciphers.

Verify & Validate

Enforces a rigorous verification protocol with evidence-based checklists to ensure tasks are fully completed and validated before submission.

Cybersecurity Analyst

Analyzes software and infrastructure through the lens of cybersecurity using industry-standard threat modeling and risk-based frameworks.

Web Application Testing

Automates end-to-end testing and visual verification of local web applications using Playwright and TypeScript.

FEAL Linear Cryptanalysis

Provides mathematical and procedural guidance for performing linear cryptanalysis attacks on the FEAL cipher family to recover encryption keys.

Polyglot Rust and C/C++

Generates source code that compiles and executes correctly as both Rust and C or C++ by utilizing comment syntax differences and preprocessor directives.

Coq Induction Proof Engineering

Guides the construction of induction proofs in the Coq proof assistant for mathematical properties like addition commutativity and arithmetic lemmas.

Password Recovery

Extracts passwords and sensitive information from disk images, deleted files, and binary fragments using systematic digital forensic techniques.

Code Review & Quality Gate

Conducts systematic, checklist-based code reviews to identify security vulnerabilities, type safety issues, and performance bottlenecks before you commit.

Claude Code Plugin Auditor

Validates and optimizes Claude Code plugins by detecting deprecated patterns, verifying frontmatter, and ensuring compliance with the latest platform standards.

Security Engineering

Performs threat-aware code audits and vulnerability assessments using industry-standard frameworks like OWASP and STRIDE.