Security & Testing Agent Skills

Semgrep Rule Creator

Generates and optimizes production-quality Semgrep rules for advanced vulnerability detection and security auditing.

Burp Suite Project Parser

Searches and extracts security data from Burp Suite project files using regex patterns and command-line tools.

Semgrep Security & Static Analysis

Performs rapid security scanning and pattern-based vulnerability detection using Semgrep and Trail of Bits security rules.

CodeQL Security Analysis

Performs deep static analysis and interprocedural taint tracking to detect complex security vulnerabilities across multi-function code paths.

Spec-to-Code Compliance Checker

Verifies that blockchain codebases align perfectly with their whitepapers and technical specifications through rigorous semantic mapping.

Security Fix Review

Verifies that git commits correctly address security audit findings without introducing new bugs or regressions.

SARIF Analysis & Parsing

Parse and process Static Analysis Results Interchange Format (SARIF) files to automate security audits and vulnerability management.

Sharp Edges Security Analysis

Identifies security footguns and error-prone API designs to ensure software is secure by default.

Session Security Auditor

Analyzes web application session management to identify and mitigate critical security vulnerabilities.

Vercel Data Compliance & Privacy

Implements PII handling, data retention policies, and GDPR/CCPA compliance patterns for Vercel-based applications.

Vulnerability Scanner

Identifies security vulnerabilities in codebase, dependencies, and configurations to ensure robust application security.

Python Unittest Creator

Generates production-ready Python unit tests and test configurations using industry-standard best practices.

XSS Vulnerability Scanner

Scans web application code to detect and remediate reflected, stored, and DOM-based cross-site scripting vulnerabilities.

CSRF Security Validator

Automates the identification and remediation of Cross-Site Request Forgery (CSRF) vulnerabilities across web applications and API endpoints.

API Fuzzing & Security Testing

Automates API fuzz testing to proactively identify security vulnerabilities, edge cases, and unexpected system crashes.

Snapshot Test Manager

Automates the creation, validation, and management of UI component snapshots for robust regression testing.

Performance Test Suite

Executes comprehensive load, stress, and benchmark tests to evaluate system stability and resource efficiency.

Secret Scanner

Detects and remediates exposed secrets, API keys, and credentials within your codebase to prevent security breaches.

Plugin Auditor

Audits AI assistant code plugins for security vulnerabilities, best practices, and standard compliance.

Code Injection Detector

Identifies and remediates code injection vulnerabilities using industry-standard security patterns and automated scanning.

SOC2 Compliance Checker

Automates the evaluation of system configurations and codebases against SOC2 security and compliance standards.

Input Validation Scanner

Scans source code to identify potential input validation vulnerabilities and injection risks before deployment.

Regression Test Tracker

Tracks and executes regression tests to ensure code stability and prevent functional regressions during development.

Security Header Analyzer

Analyzes HTTP security headers to identify vulnerabilities and provide actionable recommendations for website hardening.

Regression Test Tracker

Automates the management and execution of regression test suites to ensure code stability during development.

Snapshot Test Manager

Manages and updates snapshot tests across popular JavaScript frameworks using intelligent diff analysis to distinguish regressions from intentional UI changes.

Performance Test Suite

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks.

Mobile App Testing Automation

Automates the creation and execution of end-to-end mobile tests for iOS and Android using industry-standard frameworks.

Authentication Security Validator

Analyzes and validates authentication implementations including JWT, OAuth, and sessions to ensure compliance with industry security standards.

Performance Test Suite

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks and optimize performance.