Security & Testing Agent Skills

API Fuzzer

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, input validation flaws, and edge-case failures.

Automation Workflow Validator

Validates and audits automation workflow JSON files for Power Automate, n8n, Make, and Zapier to ensure deployment readiness.

Access Control Auditor

Identifies security vulnerabilities and misconfigurations in IAM policies, ACLs, and permission systems to ensure robust access management.

Systematic Debugging

Establishes a rigorous, four-phase methodology to identify root causes and implement reliable fixes for software defects.

SOC 2 Audit Helper

Streamlines SOC 2 audit preparation by automating evidence gathering, Trust Service Criteria assessments, and compliance gap analysis.

Test-Driven Development

Enforces a strict Red-Green-Refactor workflow to ensure all code is verified by failing tests before implementation.

Web Application Testing

Tests and debugs local web applications using automated Playwright scripts and integrated server lifecycle management.

Form Debugger & Auditor

Audits web forms for accessibility, validation, security, and autocomplete compatibility using Playwright automation.

Load Test Runner

Generates and executes comprehensive load testing scripts to validate application performance and identify architectural bottlenecks.

Dependency Checker

Scans project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple programming languages.

Unit Test Generator

Generates comprehensive unit tests across multiple languages and frameworks to ensure code reliability and coverage.

Compliance Report Generator

Automates the creation of security compliance reports and audit documentation for standards like PCI DSS, HIPAA, and SOC 2.

Sandbox Manager

Configures and manages security sandboxing for Claude Code to ensure isolated and restricted execution of untrusted or sensitive code.

React Testing Patterns

Applies best practices for React and TypeScript testing by prioritizing user behavior, accessible queries, and realistic API mocking.

Test Report Generator

Generates professional test reports with coverage metrics and trend analysis to streamline quality assurance and stakeholder communication.

Pre-Commit Design Review

Validates TypeScript and React code against design principles, accessibility standards, and architectural best practices beyond what standard linters can enforce.

Linter-Driven Development

Orchestrates a comprehensive development workflow for TypeScript and React by integrating design, automated testing, linting loops, and pre-commit reviews.

API Fuzzer

Automates API fuzzing to identify security vulnerabilities, edge cases, and potential system crashes through specialized testing patterns.

Refactoring

Enhances code maintainability and reduces complexity through autonomous linter-driven patterns like storifying and dependency rejection.

NestJS Authentication

Implements secure and idiomatic authentication and authorization systems in NestJS applications using JWT, guards, and role-based access control.

Network Mock Server

Creates a flexible API mocking layer to intercept, record, and modify network requests for deterministic frontend testing.

Pre-Commit Design Review

Performs expert-level design analysis to detect architectural debt, primitive obsession, and abstraction issues that automated linters cannot identify.

Rails Error Prevention

Prevents common Ruby on Rails runtime errors and architectural pitfalls through proactive checklists and verification strategies.

Linter-Driven Development

Orchestrates an autonomous Go development workflow by integrating design, testing, linting, and refactoring into a continuous quality-controlled pipeline.

Compliance Management Analyst

Facilitates end-to-end security compliance for GDPR, SOC 2, and ISO 27001 through automated checklists and audit preparation guidance.

Backend Bugfix & Testing

Resolves backend test failures and debugs Python, FastAPI, and SQLAlchemy errors using a structured TDD workflow.

CCG Code Guardian

Enhances development workflows with persistent memory, automated security guarding, and multi-agent coordination for complex repositories.

Secrets Manager Integrator

Automates the setup and configuration of secrets management tools like HashiCorp Vault and AWS Secrets Manager for secure infrastructure.

Memory Deallocation & Free Safety Auditor

Detects and analyzes improper memory deallocation patterns including mismatched allocators, double frees, and invalid pointer usage in C/C++ code.

Adversarial Fingerprint Testing

Validates Pivot pipeline fingerprinting by identifying code changes that bypass cache invalidation logic.