Security & Testing Agent Skills

AppSec Fix Verification

Validates security remediations by re-running scanners and performing deep AI code analysis to confirm vulnerabilities are fully resolved.

Plaited Test Greeting

Provides a standardized greeting with test markers to verify Claude Code skill integration.

MITRE ATT&CK Security Mapper

Enriches security findings by mapping vulnerabilities to the MITRE ATT&CK framework to visualize threat patterns and attack chains.

Data Integrity & Tampering Analysis

Identifies security vulnerabilities related to unauthorized data modification and injection attacks using the STRIDE threat model.

AppSec Project Assessment

Analyzes codebase architecture, tech stacks, and data sensitivity to recommend a prioritized security testing strategy.

Security Report Generator

Generates comprehensive security reports from vulnerability findings, scanner results, and analysis data.

Security Analysis & Vulnerability Scanner

Performs comprehensive security vulnerability scanning and ensures OWASP Top 10 compliance across your codebase.

Serverless Security Audit

Analyzes serverless applications for security vulnerabilities including overprivileged IAM policies, event injection, and insecure configuration.

Security Explainer

Explains complex security frameworks, vulnerability categories, and specific findings using real-world examples from your own codebase.

Skill Security Analyzer

Analyzes Claude skills for security risks, vulnerabilities, and safety concerns prior to deployment or execution.

Guardrails Reviewer

Validates project engineering standards and guardrails to ensure they are executable, consistent, and ready for implementation.

Workflow Testing with Subagents

Validates the clarity of orchestrator prompts and workflow documentation by simulating real-world execution failures with subagents.

QA Test Planner

Generates comprehensive test plans, manual test cases, and regression suites while validating implementation against Figma designs.

Scientific Python Testing

Implements robust, community-standard testing patterns for scientific Python packages using pytest and NumPy.

Konflux Build Provenance Tracer

Traces Konflux container images back to their source code, build logs, and SLSA attestations for complete supply chain visibility.

Test Strategy & Execution

Automates the design, execution, and debugging of comprehensive test suites across Vitest, Playwright, Jest, and Cypress frameworks.

PASTA Vulnerability Analysis

Identifies security weaknesses and maps vulnerabilities to CWE identifiers using the PASTA threat modeling methodology.

n8n Vigil Guard Security Workflow

Automates the development and maintenance of the Vigil Guard n8n security pipeline for advanced threat detection and dual-language PII redaction.

Database Testing Manager

Automates the creation of robust database testing workflows through test data generation, transaction management, and schema validation.

Security Checklist & Audit

Performs defense-in-depth security reviews including OWASP Top 10 compliance, secrets detection, and dependency vulnerability scanning.

Auth Implementation Patterns

Implements secure authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

Evidence Verification

Ensures all task completions are validated through executable proof including test results, build success, and deployment verification.

Systematic Debugging Strategies

Implements methodical debugging techniques and profiling tools to identify and resolve complex software bugs across multiple programming stacks.

FastAPI & Svelte Testing Specialist

Implements robust testing patterns for FastAPI backend endpoints and Svelte 5 frontend components using pytest and Vitest.

Secure PR Review & Workflow

Automates the creation of pull requests combined with deep security audits, architectural reviews, and project rule compliance checks.

Dependency Management

Performs a comprehensive five-phase health analysis of software dependencies across multiple programming ecosystems to ensure security, currency, and compliance.

Self-Test Skill Invocation

Verifies that the skill loading and invocation framework is functioning correctly by returning a specific canary phrase.

R TDD Workflow

Enforces a rigorous test-driven development cycle for R projects using the testthat framework to ensure high-quality code and comprehensive coverage.

Security & Vulnerability Assessment

Conducts evidence-based security audits and vulnerability assessments to ensure production-grade application hardening.

Eval Harness (Frozen Evaluation)

Gates and validates self-improvement cycles through frozen benchmarks and regression testing to prevent AI quality degradation.