Security & Testing Agent Skills

ProofGeneral Narya: Higher-Dimensional Type Theory

Automates higher-dimensional formal verification and version control using observational type theory and hierarchical agent structures.

JavaScript Testing Patterns

Implements comprehensive testing strategies for JavaScript and TypeScript applications using modern frameworks and best practices.

Black Hat Go Security Knowledge Base

Provides an extensive library of offensive security techniques and defensive patterns in Go for advanced red teaming and agentic simulations.

GitHub Speckit Tester

Orchestrates the complete Speckit workflow pipeline non-interactively using subagents to automate the transition from specification to implementation.

1Password Secrets Reader

Retrieves credentials, API keys, and secure documents from 1Password using the official op CLI integration.

CodeQL Static Analysis

Performs deep semantic code analysis to detect security vulnerabilities, track data flow, and conduct comprehensive security audits.

1Password Secret Creator

Automates the creation of secure 1Password items including logins, API keys, and notes via the 1Password CLI.

clj-kondo Clojure Linter

Analyzes Clojure source code to detect syntax errors, enforce best practices, and implement domain-specific linting rules through custom hooks.

Security Engineer

Implements robust security best practices and protection patterns across the entire application stack.

ast-grep

Performs AST-based code search, linting, and structural refactoring across multiple programming languages.

Security Reviewer

Analyzes code for OWASP Top 10 vulnerabilities, secrets exposure, and insecure implementation patterns to ensure production-grade security.

Move Smith Fuzzer

Implements differential fuzzing and property-based testing for Move smart contracts to identify consensus-breaking bugs and edge cases.

Vibesafe Code Generation & Testing

Manages the Vibesafe toolchain to scan units, generate implementations from specifications, and run quality tests within Claude Code.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve the original trigger rather than just treating symptoms.

macOS MDM Cobordism Management

Automates macOS Mobile Device Management (MDM) using a cobordism-based state machine for secure credential derivation and device orchestration.

fnox Secrets Management

Manages encrypted secrets using age encryption and DuckDB-based catalogs within a triadic GF(3) framework.

Aqua Voice Malleability Analysis

Performs adversarial malleability analysis and security research on the Aqua Voice Electron application using IPC injection and WebSocket interception.

Merkle Proof Validator

Validates cryptographic Merkle inclusion proofs to verify data membership within a tree structure without requiring the full dataset.

Promptfoo Config

Streamlines the configuration and execution of promptfoo for rigorous LLM evaluation and regression testing.

QA Regression Testing with Playwright

Automates browser-based regression testing using a modular Playwright framework and reusable test skills.

Aristotle Lean Theorem Prover

Automates Lean4 theorem proving and formal verification using the Harmonic API to fill proof gaps and identify counterexamples.

Skill Reviewer

Maintains high quality standards for Claude Code skills through systematic auditing and a comprehensive 10-point quality checklist.

AFL++ Fuzzing

Performs comprehensive binary and source code fuzzing using the AFL++ framework to identify software vulnerabilities.

CORS Configuration Validator

Validates and secures Cloudflare Workers CORS configurations to ensure proper header handling and cross-origin security.

Security Best Practices & Patterns

Implements production-grade security patterns and OWASP best practices for authentication, input validation, and data protection.

Codex CLI

Analyzes, reviews, and validates codebases using advanced OpenAI Codex models with configurable reasoning levels.

FTC Security Review

Audits FTC robot code and scripts for security vulnerabilities, credential leaks, and unsafe file operations.

QA Screenshot Management

Standardizes screenshot capture, naming, and organization to ensure visual traceability and consistency during QA testing.

Automated Code Review

Conducts comprehensive automated code reviews for pull requests to enhance security, performance, and code quality.

Claude Code Permission Manager

Configures granular tool permissions and security rules within Claude Code to protect sensitive files and manage access.