Security & Testing Agent Skills

LibAFL Fuzzing Library

Builds modular, high-performance custom fuzzers using the LibAFL framework for advanced security testing and research.

Variant Analysis Expert

Identifies and hunts for recurring security vulnerabilities and bug patterns across entire codebases using systematic pattern-based analysis.

Code Maturity Assessor

Evaluates codebase security and maturity using the Trail of Bits framework to provide evidence-based ratings and prioritized improvement roadmaps.

Django Access Control & IDOR Review

Conducts deep security investigations into Django and DRF authorization logic to identify and prevent Insecure Direct Object Reference (IDOR) vulnerabilities.

Maverick Scope Boundaries

Enforces strict safety guardrails and authorization protocols to prevent unauthorized infrastructure, security, or production system changes.

Systematic Debugging Workflow

Implements a disciplined four-phase approach to debugging that prioritizes root cause investigation over trial-and-error fixing.

Local Code Verification

Automates local pre-push checks including linting, typechecking, and testing to ensure code quality before deployment.

Systematic Debugging

Orchestrates a rigorous four-phase root cause analysis process to identify, isolate, and permanently resolve software bugs.

Testing Strategy & Best Practices

Standardizes test implementations across Vitest, Playwright, and pytest to ensure high-quality, reliable software delivery.

Rust Test Workflow

Executes and reports on Rust unit, integration, and documentation tests using a specialized subagent for structured validation.

Secure Workflow Guide

Implements the industry-standard Trail of Bits 5-step secure development workflow to audit smart contracts and identify vulnerabilities.

Node.js Testing Strategy

Implements standardized testing conventions and patterns for Node.js, Express, and NestJS applications using Jest, Vitest, and Supertest.

Solidity Function Audit Eval

Automates multi-stage Solidity smart contract audits for CI/CD and evaluation pipelines using Claude Code.

Sharp Edges API & Security Auditor

Identifies error-prone API designs, dangerous configurations, and security footguns to ensure code follows secure-by-default principles.

Semgrep Rule Variant Creator

Ports existing Semgrep security and quality rules to new target languages using a rigorous, test-driven validation workflow.

Structured Troubleshooting & Debugging

Implements a disciplined, multi-phase methodology to systematically diagnose and resolve complex software bugs and performance bottlenecks.

Semgrep Static Analysis

Performs rapid security scanning and custom pattern matching to identify vulnerabilities and enforce coding standards across diverse codebases.

Verification Before Completion

Validates that tasks are genuinely resolved through a rigorous multi-level verification protocol before marking them as done.

Temporal Python Testing

Streamlines testing of Temporal workflows and activities in Python using time-skipping, mocking, and determinism validation.

Python Testing Strategy

Standardizes Python testing practices for FastAPI, Django, and Flask using modern pytest conventions and fixtures.

Rust Test-Driven Development

Enforces the Red-Green-Refactor cycle in Rust projects using cargo test to ensure high-quality, bug-free code through iterative testing.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and test-driven development best practices.

Rust Testing Rules

Standardizes Rust unit and integration testing workflows by enforcing best practices for mocks, test structures, and the testing pyramid.

PR Review Framework

Performs systematic, 7-dimension code reviews to ensure high standards of correctness, security, and performance.

Java & Spring Boot Testing Strategy

Implements comprehensive Java and Spring Boot testing conventions using JUnit 5, Mockito, and Testcontainers.

Universal Testing Strategy

Provides language-agnostic testing principles to ensure robust, maintainable, and high-quality codebases.

Bug Finder & Security Auditor

Identifies security vulnerabilities, logical bugs, and code quality issues within local Git branch changes.

Web Application Testing

Automates the interaction and testing of local web applications using Playwright scripts and built-in server management.

Bug & Security Auditor

Performs systematic security audits and bug detection on local code changes using a structured multi-phase review process.

Bug Finder & Security Auditor

Performs deep security audits and bug detection on local branch changes using a rigorous five-phase analysis process.