Security & Testing Agent Skills

SQLMap Database Pentesting

Automates SQL injection detection and database exploitation using SQLMap's comprehensive security testing methodologies.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to identify, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

Red Team Methodology & Security Tools

Streamlines security reconnaissance and vulnerability discovery using proven red teaming methodologies and industry-standard tools.

SQLMap Database Pentesting

Automates the detection and exploitation of SQL injection vulnerabilities to identify and secure database-driven web applications.

Security Review Pro

Audits code for vulnerabilities and implements industry-standard protection patterns for authentication, data handling, and API security.

SQLMap Database Pentesting

Automates SQL injection vulnerability detection and database exploitation using the industry-standard SQLMap penetration testing framework.

Security Review Pro

Conducts comprehensive security audits and implements defensive coding patterns to protect applications from common vulnerabilities.

TDD Workflow Specialist

Implements the Red-Green-Refactor cycle to ensure production-grade code reliability and architectural integrity.

Test-Driven Development (TDD) Workflow

Implements a disciplined Red-Green-Refactor cycle to ensure code quality through test-first development principles.

Top 100 Web Vulnerabilities Reference

Provides a comprehensive guide to identifying, understanding, and mitigating the top 100 web application security vulnerabilities.

Red Team Methodology & Tools

Automates security reconnaissance, vulnerability discovery, and bug bounty hunting using industry-standard red team workflows and toolsets.

Web Security & Vulnerability Reference

Provides a comprehensive, structured reference for identifying, assessing, and mitigating the top 100 web application vulnerabilities.

Clerk Authentication

Implements secure, production-grade user authentication and route protection using Clerk for Next.js applications.

Clerk Authentication

Implements secure Clerk authentication patterns, middleware, and user management for Next.js applications.

Clerk Local Dev Loop

Streamlines the integration and local testing of Clerk authentication in your development environment.

Tmux Plugin Testing

Streamlines the testing of Claude Code plugins and hooks by running isolated, automated sessions within tmux.

OpenSpec Change Verifier

Verifies that code implementations align perfectly with specified change artifacts, tasks, and design requirements using the OpenSpec CLI.

Clerk Session & Middleware Workflow

Secures Next.js applications by implementing Clerk-based session management, advanced middleware route protection, and JWT token refresh logic.

AI Research & Security

Conducts objective AI system analysis and technical research while providing robust protection against prompt injection in target files.

OpenSpec Change Verifier

Validates code implementations against specifications, tasks, and design documents to ensure complete and correct software delivery.

Test Refactoring Expert

Optimizes and restructures test suites to improve maintainability, reduce duplication, and establish consistent testing patterns.

Clerk Enterprise RBAC

Implements enterprise-grade single sign-on (SSO), role-based access control, and multi-tenant organization management using Clerk.

Test Plan Architect

Generates structured, manageable test plans and tracks testing progress across development sessions.

Groq Enterprise RBAC & SSO

Configures enterprise-grade access control, SSO integration, and organization management for Groq environments.

Vast.ai Data Compliance & Privacy

Manages PII handling, data retention policies, and GDPR/CCPA compliance for Vast.ai integrations.

Clerk Security Basics

Implements enterprise-grade security best practices and hardening for Clerk authentication in Next.js applications.

Exa Load & Scale

Optimizes Exa API integrations through automated load testing, Kubernetes auto-scaling configurations, and capacity planning strategies.

Perplexity Policy & Guardrails

Implements automated linting, security guardrails, and policy enforcement for Perplexity AI integrations.

CORS Policy Validator

Ensures secure web communications by validating and configuring Cross-Origin Resource Sharing (CORS) policies according to industry standards.

Juicebox Local Development Loop

Streamlines the setup of local development environments, mock data, and testing utilities for Juicebox SDK integrations.