Security & Testing Agent Skills

Pentest Checklist

Guides users through a structured methodology for planning, executing, and managing professional penetration testing engagements.

Advanced Vulnerability Scanner

Identifies and prioritizes code vulnerabilities using OWASP 2025 standards, supply chain auditing, and attack surface mapping.

Production Code Auditor

Autonomously transforms entire codebases into enterprise-grade, production-ready software through deep-scan audits and automated refactoring.

Active Directory Security Testing

Facilitates comprehensive penetration testing and security audits of Microsoft Active Directory environments.

Privilege Escalation Methods

Provides comprehensive techniques and automated workflows for escalating privileges on compromised Linux and Windows systems during security assessments.

Verification Before Completion

Enforces rigorous evidence-based reporting and command verification before any task is marked as complete or successful.

Clerk Authentication Integration

Streamlines the implementation of Clerk authentication and authorization patterns in Next.js applications.

Jest & TDD Testing Patterns

Implements robust testing strategies using Jest, TDD workflows, and factory patterns for maintainable codebases.

Production Code Audit

Transforms codebases into enterprise-grade software by performing autonomous deep-scans for security, performance, and architectural vulnerabilities.

Better Auth Integration

Implements secure, framework-agnostic authentication and authorization systems using the Better Auth TypeScript framework.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and identity theft.

Production Code Audit & Hardening

Transforms entire codebases into production-grade, enterprise-level systems through autonomous deep-scanning and systematic optimization.

Privilege Escalation Methods

Provides comprehensive methodologies and technical commands for escalating system privileges on Linux and Windows environments.

API Security & Fuzzing Specialist

Conducts comprehensive security assessments and fuzzing across REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR and injection.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and account takeovers.

Smart Test Fixer

Systematically identifies and resolves failing tests using intelligent error grouping and prioritized fixing strategies.

Shodan Reconnaissance & Security Auditing

Conducts comprehensive reconnaissance on internet-connected devices and services using the Shodan search engine, CLI, and API.

Shodan Reconnaissance & Pentesting

Automates network reconnaissance and vulnerability discovery using Shodan to identify exposed internet-connected devices and services.

Verified Completion Guardrail

Enforces a strict verification protocol requiring fresh command output and evidence before any work is claimed as complete.

Active Directory Attack & Audit

Facilitates comprehensive security assessments and penetration testing of Microsoft Active Directory environments through guided reconnaissance and exploitation workflows.

Wireshark Network Traffic Analysis

Analyzes network traffic and packet captures using Wireshark to troubleshoot connectivity and investigate security incidents.

Network 101: Pentest Lab Setup

Configures and tests network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing labs.

IDOR Vulnerability Testing

Provides systematic methodologies and workflows for identifying, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Verification Before Completion

Enforces rigorous evidence-based verification before any task is marked as finished, committed, or merged.

API Fuzzing & Bug Bounty Toolkit

Guides comprehensive API security testing and vulnerability discovery across REST, GraphQL, and SOAP architectures.

Web App Testing & Playwright Toolkit

Provides a comprehensive toolkit for automating and testing local web applications using Playwright and automated server management.

Raven Test

Automates deep QA processes including edge case verification, code quality audits, and comprehensive test reporting.

Web Application Testing

Automates frontend testing and browser interactions for local web applications using Playwright scripts.

Ethical Hacking Methodology

Guides users through the complete penetration testing lifecycle from reconnaissance and scanning to exploitation and professional reporting.

TDD Workflow Pro

Implements a rigorous Test-Driven Development cycle to ensure high-quality, bug-free code through iterative Red-Green-Refactor patterns.