Security & Testing Agent Skills

Attack Methods Lookup

Provides detailed web vulnerability intelligence, exploit payloads, and bounty payout estimates for security auditing.

1Password Credential Lookup

Retrieves secure login credentials and passwords from 1Password vaults using website URLs and domain matching.

WCAG & ARIA Accessibility Lookup

Provides instant access to WCAG 2.1 AA criteria and WAI-ARIA implementation patterns with official W3C references.

Cross-Distro E2E Container Testing

Automates end-to-end installer testing within isolated Docker containers across multiple Linux distributions like Ubuntu, Debian, and Fedora.

NVD CVE Vulnerability Search

Searches the NIST National Vulnerability Database to identify security vulnerabilities and assess risk scores for software components.

Cantordust Binary Visualization

Visualizes binary data as bitmaps to enable human pattern recognition for reverse engineering and security analysis.

Solidity Security

Implements secure smart contract patterns and audits Solidity code to prevent common blockchain vulnerabilities and exploits.

Cloudflare Security Checker

Validates Cloudflare Workers security patterns in real-time to prevent vulnerabilities and enforce serverless best practices.

SAST Security Runner

Automates static application security testing using Semgrep to identify vulnerabilities, security anti-patterns, and OWASP Top 10 issues.

Python Testing Specialist

Implements comprehensive Python testing strategies using pytest, including unit tests, integration tests, and advanced mocking patterns.

Mock Orchestrator

Simulates a multi-layered agent architecture to test thinking token capture and skill orchestration across complex workflows.

Security Ownership Map & Git Risk Analyzer

Analyzes Git history to map code ownership, identify security risks like low bus factors, and visualize developer-to-file topologies.

Auth Security Validator

Validates authentication and session management configurations against OWASP security standards to prevent common vulnerabilities.

Substitute Eraser

Scans codebases for placeholders, TODOs, and stubs to generate structured remediation plans for technical debt.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specifications, tasks, and design documents before archiving changes.

Debugging Memory

Prevents redundant troubleshooting by integrating a persistent, searchable memory system for software bugs and resolutions.

NERV LocalSend Connectivity Tester

Facilitates rapid peer discovery and LocalSend connectivity testing with integrated Italian voice announcements.

TypeScript Testing Pro

Implements professional TypeScript testing patterns using Jest and Vitest to ensure high-quality, reliable code.

Signal Isolated Auth

Enforces maximal security isolation for Signal authentication using nested VM and container boundaries with colored operad constraints.

Regression Testing Orchestrator

Automates the evaluation and implementation of regression tests following bug fixes to ensure long-term code stability.

ProofGeneral Narya: Higher-Dimensional Type Theory

Automates higher-dimensional formal verification and version control using observational type theory and hierarchical agent structures.

Enterprise Cybersecurity Policy Generator

Generates framework-compliant enterprise cybersecurity policies in multiple formats using industry-standard templates from SANS and CIS Controls.

Black Hat Go Security Knowledge Base

Provides an extensive library of offensive security techniques and defensive patterns in Go for advanced red teaming and agentic simulations.

Move Smith Fuzzer

Implements differential fuzzing and property-based testing for Move smart contracts to identify consensus-breaking bugs and edge cases.

macOS MDM Cobordism Management

Automates macOS Mobile Device Management (MDM) using a cobordism-based state machine for secure credential derivation and device orchestration.

fnox Secrets Management

Manages encrypted secrets using age encryption and DuckDB-based catalogs within a triadic GF(3) framework.

Aqua Voice Malleability Analysis

Performs adversarial malleability analysis and security research on the Aqua Voice Electron application using IPC injection and WebSocket interception.

Merkle Proof Validator

Validates cryptographic Merkle inclusion proofs to verify data membership within a tree structure without requiring the full dataset.

Test-Driven Development (TDD)

Enforces a strict test-first development workflow by requiring failing tests before any production code is written.

Systematic Debugging

Enforces a rigorous, four-phase debugging methodology to identify root causes and implement stable fixes without guesswork.