Security & Testing Agent Skills

Smack Policy Generator

Generates SMACK mandatory access control policy files to ensure process isolation and secure resource access for Tizen applications.

Tizen Security Compliance

Maps security requirements to implementation and coordinates compliance against international standards for Tizen and IoT applications.

Atheris Python Fuzzing

Discovers vulnerabilities and edge-case bugs in Python code using Atheris coverage-guided fuzzing.

Fuzzing Dictionary Generator

Enhances security testing performance by building specialized dictionaries of magic values and syntax tokens for coverage-guided fuzzers.

Tizen Compliance Checker

Validates Tizen application compliance with official TCT standards across IoT, TV, and mobile profiles.

Cairo Vulnerability Scanner

Audits StarkNet smart contracts by scanning for critical Cairo-specific vulnerabilities including felt252 arithmetic and messaging issues.

Entry Point Analyzer

Identifies and categorizes state-changing entry points in smart contracts to streamline security audits and surface area mapping.

Tizen Static Security Analyzer

Detects memory leaks, buffer overflows, and coding vulnerabilities in Tizen C/C++ and JavaScript applications using specialized static analysis.

Rails Software Engineer

Implements Ruby on Rails features and bug fixes using a disciplined Test-Driven Development (TDD) workflow.

Layered Architecture Testing

Orchestrates comprehensive testing across architectural layers with coverage-first analysis and isolated worktrees.

Monty Django Code Review

Conducts hyper-pedantic, correctness-first backend reviews for Python and Django applications with a focus on multi-tenant safety.

Frappe Unit Test Generator

Generates production-grade unit tests for Frappe DocTypes, controllers, and API methods following ERPNext and Frappe core standards.

Sinatra Security Expert

Implements industry-standard security best practices for Sinatra applications to prevent common vulnerabilities like CSRF, XSS, and SQL injection.

Security Report Builder

Transforms raw security scanner results into professional, context-aware reports for executives and technical teams.

Mock Generator

Generates automated test mocks, stubs, and fixtures across multiple languages and testing frameworks.

PII Detector & Privacy Scanner

Scans codebases and files to identify personally identifiable information (PII) for GDPR and CCPA compliance.

Lighthouse CI Integrator

Integrates Lighthouse CI for automated performance audits, Core Web Vitals monitoring, and budget enforcement within CI/CD pipelines.

Accessibility Annotation Generator

Enhances web applications with ARIA labels, semantic HTML, and keyboard navigation support to ensure WCAG compliance.

Visual Regression Test Setup

Configures automated visual regression testing to detect unintended UI changes using pixel-perfect screenshot comparison tools.

OSS-Fuzz Integration

Integrates Claude Code with OSS-Fuzz to automate continuous fuzzing and identify memory safety vulnerabilities in open-source projects.

Solana Vulnerability Scanner

Scans Solana and Anchor programs for critical security vulnerabilities to ensure smart contract integrity.

Audit Context Builder

Performs granular, line-by-line code analysis to establish deep architectural context for security audits and bug hunting.

Constant-Time Testing

Verifies cryptographic implementations and sensitive code paths for timing side channels to prevent data leakage.

Aristotle Lean Theorem Prover

Automates Lean4 theorem proving and formal verification using the Harmonic API to fill proof gaps and identify counterexamples.

Property-Based Testing

Implements advanced property-based testing strategies to ensure code correctness and security through comprehensive input exploration and invariant validation.

Tizen Certification Coordinator

Orchestrates the Tizen certification lifecycle by coordinating TCT test execution, security policy auditing, and compliance documentation.

Tizen Sandbox Escape Detector

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities to ensure robust process isolation.

Substrate Vulnerability Scanner

Identifies seven critical security vulnerabilities in Substrate and Polkadot pallets during the development and auditing process.

Ruzzy Rust Fuzzing

Automates Rust vulnerability discovery using the Ruzzy fuzzing framework to identify security flaws and crashes.

Wycheproof Cryptographic Testing

Hardens cryptographic implementations by applying Google's Wycheproof test vectors to detect known vulnerabilities and edge-cases.