Security & Testing Agent Skills

QA Tester Agent

Automates the creation, execution, and verification of unit, integration, and E2E tests using Jest and Supertest.

1Password + direnv Secrets Management

Optimizes secret loading by integrating the 1Password CLI with direnv using high-performance patterns.

Web3 Smart Contract Testing

Standardizes the creation and execution of comprehensive test suites for Solidity smart contracts using Hardhat and Foundry.

SAST Configuration & Security Scanning

Automates the setup and configuration of Static Application Security Testing (SAST) tools to detect vulnerabilities in source code across multiple languages.

Solidity Security & Audit

Implements industry-standard security patterns and audits smart contracts to prevent critical vulnerabilities in Ethereum-based applications.

LLM Evaluation & Benchmarking

Implements comprehensive evaluation frameworks for LLM applications using automated metrics, human-in-the-loop feedback, and statistical A/B testing.

Shell Testing with Bats

Masters the Bash Automated Testing System (Bats) to create robust, production-grade test suites for shell scripts and utilities.

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using industry-standard frameworks and advanced mocking patterns.

Auth Implementation Patterns

Implements secure access control systems using industry-standard JWT, OAuth2, and session management patterns.

Testing Foundations

Implements industry-standard testing patterns and best practices to ensure high-quality code reliability and maintainable test suites.

Data Quality Expert

Ensures data integrity and reliability using dbt tests, Great Expectations, and advanced monitoring strategies.

SDD Implementation Fidelity Review

Reviews implementation fidelity against specifications by comparing actual code to requirements and identifying deviations.

Test-Driven Development (TDD) Superpowers

Enforces a strict test-first development workflow to ensure code reliability and eliminate technical debt.

Skill Testing with Subagents

Applies Test-Driven Development (TDD) principles to verify and bulletproof Claude Code skills against agent rationalization.

Autonomous Debugging Mode

Implements a systematic, hypothesis-driven debugging workflow for Claude Code that automates log injection and root-cause analysis.

Deep-Env Secure Credential Management

Manages and syncs environment variables securely across multiple macOS devices using hardware-backed keychain storage and iCloud.

IaC Security Scanner

Scans Infrastructure as Code (IaC) templates for security misconfigurations and compliance issues using industry-standard tools like tfsec and Checkov.

Testing Anti-Pattern Guard

Prevents common testing pitfalls like mocking behavior over reality and polluting production code with test-only methods.

Project Validation

Automates comprehensive project integrity checks to ensure correct initialization and deployment readiness.

Web Application Testing

Automates end-to-end browser testing and UI verification for web applications using Playwright.

NuxtUI TDD Development

Implements Vue 3 components using NuxtUI through a strict test-driven development workflow involving Storybook interaction tests and automated TDD guardrails.

Authentication & Access Control

Implements secure user authentication and multi-tenant access control for Next.js 15 and Supabase applications using server-side patterns.

Security Review

Implements industry-standard security protocols and audits code for vulnerabilities using comprehensive checklists and patterns.

OpenWebF Testing with Vitest

Sets up and optimizes Vitest and React Testing Library for OpenWebF applications to ensure high-quality, reliable code.

Condition-Based Waiting

Replaces arbitrary test timeouts with smart condition polling to eliminate race conditions and flaky test behavior.

Security Vulnerability Validation

Validates security scan results by performing reachability analysis and generating proof-of-concept exploits to confirm real-world exploitability.

DotNet Test Triage

Automates .NET test failure analysis by capturing failing cases and generating optimized rerun filters.

Secret Scanner

Scans codebases for exposed secrets, API keys, and credentials to prevent security vulnerabilities and data leaks.

Security Code Review Agent

Conducts comprehensive security audits to identify vulnerabilities like SQL injection and XSS while providing actionable remediation guidance.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure code reliability by requiring failing tests before any implementation code is written.