Security & Testing Agent Skills

Pre-Commit Design Review

Performs expert-level design analysis to detect architectural debt, primitive obsession, and abstraction issues that automated linters cannot identify.

Security Audit Toolkit

Performs comprehensive client-side security assessments of web applications to identify vulnerabilities and compliance issues.

Linter-Driven Development

Orchestrates an autonomous Go development workflow by integrating design, testing, linting, and refactoring into a continuous quality-controlled pipeline.

SSE Event Router Testing

Automates the validation of Server-Sent Events (SSE) endpoints and real-time streaming logic in Hono.js applications.

Complete Test Coverage

Achieves 100% test coverage through progressive test writing, redundancy elimination, and automated fixture restructuring.

Rust Mocking & Unit Testing

Simplifies Rust unit testing by generating mock implementations for traits and external dependencies using the mockall crate.

Codex CLI Integration

Orchestrates multi-agent engineering workflows by integrating the OpenAI Codex CLI for cross-model verification and automated code auditing.

Rune Ash Guide

Orchestrates multi-agent engineering teams within Claude Code for advanced code reviews, audits, and automated testing.

Web App Testing & Playwright Automation

Automate, test, and interact with web applications using Playwright for both Python and TypeScript environments.

Quality Verification Framework

Audits code quality and production readiness through structured grading and multi-dimensional verification checks.

Intelligent Dependency Manager

Automates multi-ecosystem dependency updates with security-first prioritization, risk assessment, and historical outcome tracking.

Compliance Report Generator

Automates the creation of professional security and regulatory compliance reports within the Claude Code environment.

Testing Best Practices & Standards

Establishes a rigorous testing philosophy focused on behavioral outcomes, coverage priorities, and clean naming conventions.

Spec-to-Code Coverage Map

Generates visual mapping and coverage statistics to track the relationship between specification files and implementation code.

IDA Pro Plugin Packager

Streamlines the creation, validation, and distribution of IDA Pro plugins for the Hex-Rays Plugin Manager.

Brownfield Project Modernizer

Automates dependency upgrades, breaking change fixes, and spec synchronization for Node.js and TypeScript projects.

LARP & Fake Code Detector

Detects performative code, test theater, and misleading implementation patterns to ensure codebase integrity and functional reliability.

Security Code Review

Performs comprehensive security audits using source-to-sink methodology to identify vulnerabilities and provide remediation guidance.

Input Validation Security

Protects applications by implementing exhaustive validation at trust boundaries and mitigating common injection vulnerabilities.

Pharaoh MECE Analysis

Validates sphinx-needs requirement sets for structural integrity, traceability gaps, and logical consistency.

Pharaoh Verify

Validates that project implementations and specifications substantively satisfy their linked parent requirements in sphinx-needs projects.

Odoo Code Reviewer

Reviews Odoo 16.0 source code for security vulnerabilities, performance bottlenecks, and compliance with OCA coding standards.

Style Audit

Audits and rewrites code to align with CI/CD style rules, quality guidelines, and best practices while preserving functional correctness.

WF Verifier

Conducts comprehensive end-of-cycle quality reviews, architectural audits, and documentation health checks to ensure production readiness.

Theater Detection Audit

Identifies and replaces placeholder code, mock data, and incomplete implementations with production-ready logic to ensure codebase integrity.

Defense-in-Depth Validation

Implements multi-layered data validation strategies to eliminate deep-system failures and make bugs structurally impossible.

IDA Pro Headless Analysis

Performs automated binary analysis and reverse engineering using IDA Pro's modern Pythonic Domain API.

C Memory Safety & Security

Safeguards native C code by enforcing memory safety patterns, bounds checking, and preventing common vulnerabilities like buffer overflows.

Quality Review Orchestrator

Coordinates a comprehensive quality assessment by executing specialized skills for risk, testing, traceability, and non-functional requirements to generate a final quality gate decision.

Validate Test Reality

Validates test coverage against real-world production scenarios and identifies critical gaps between specifications and reality.