Security & Testing Agent Skills

Root Cause Tracing

Systematically traces software bugs backward through the call stack to identify and resolve original triggers at their source.

Enterprise Requirements Writing & Gherkin

Standardizes the software development lifecycle by generating testable User Stories and Gherkin scenarios for enterprise Rails applications.

Terraform Test Expert

Validates infrastructure-as-code configurations using the native Terraform testing framework and .tftest.hcl patterns.

Verification & Quality Assurance

Ensures codebase reliability through real-time truth scoring, automated code verification, and an intelligent rollback system.

Maven Build and Test Strategy

Orchestrates parallel Maven builds and intelligent test execution for complex Java and Scala projects.

ast-grep

Performs AST-based code search, linting, and structural refactoring across multiple programming languages.

TDD Workflow for Claude Code

Enforces a strict Red-Green-Refactor cycle for software development tasks using automated gate hooks and evidence tracking.

Cloudflare Security Checker

Validates Cloudflare Workers security patterns in real-time to prevent vulnerabilities and enforce serverless best practices.

Auth Security Validator

Validates authentication and session management configurations against OWASP security standards to prevent common vulnerabilities.

Quality Gates

Implements multi-level quality verification procedures to ensure code security, performance, and production readiness.

Theater Code Detection

Identifies non-functional code that appears complete but lacks operational logic to ensure production reliability.

Playwright E2E Testing

Enforces standardized end-to-end testing workflows using Playwright with custom fixtures and Page Object Models.

Web Application Testing

Automates local web application testing and UI verification using Playwright and server management utilities.

Python Testing Patterns

Implements professional Python testing strategies using pytest, advanced fixtures, and comprehensive mocking techniques.

Global Security

Guides AI-assisted coding to adhere to established global security standards and best practices.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is verified by failing tests before implementation.

Ark Chainsaw Testing

Executes and scaffolds end-to-end Ark resource tests using the Chainsaw framework and mock-LLM configurations.

Testify Go TDD Assistant

Implements Go unit tests and mocks using the Testify framework following Test-Driven Development best practices.

Framework Repair Suggester

Diagnoses framework and tooling malfunctions to propose structured, systematic repair strategies and task templates.

AST-Grep Code Search

Performs sophisticated structural code searches and architectural analysis using Abstract Syntax Tree patterns.

Web3 Smart Contract Testing

Develops and executes comprehensive test suites for Solidity smart contracts using Hardhat and Foundry frameworks.

Form Security Analyzer

Performs automated static security audits on HTML forms to identify vulnerabilities like missing CSRF protection and insecure data handling.

Code Clone Assistant

Identifies and refactors code duplication using a multi-tool approach to enforce DRY principles and reduce technical debt.

Playwright Security Runner

Automates dynamic security audits and penetration testing for web forms using browser-driven payload execution.

Kubernetes Security Policies

Implements production-grade Kubernetes security configurations including NetworkPolicies, Pod Security Standards, and RBAC to harden cluster environments.

Python Testing Patterns

Implements professional testing strategies for Python applications using pytest, advanced mocking, and test-driven development best practices.

Attack Methods Lookup

Provides detailed web vulnerability intelligence, exploit payloads, and bounty payout estimates for security auditing.

E2E Testing Patterns

Master end-to-end testing with Playwright and Cypress to build reliable, bug-free web applications and automated test suites.

WCAG & ARIA Accessibility Lookup

Provides instant access to WCAG 2.1 AA criteria and WAI-ARIA implementation patterns with official W3C references.

NVD CVE Vulnerability Search

Searches the NIST National Vulnerability Database to identify security vulnerabilities and assess risk scores for software components.