Security & Testing Agent Skills

Performance Engineering

Optimizes system responsiveness and scalability through comprehensive load testing, deep profiling, and full-stack tuning strategies.

Vulnerability Management & DevSecOps

Implements multi-layer security scanning, SBOM generation, and risk-based vulnerability prioritization within CI/CD pipelines.

Security Architecture Designer

Architects comprehensive security frameworks using defense-in-depth, zero trust principles, and strategic threat modeling.

Implementation Verification

Validates code implementations against documentation to ensure strict compliance with architectural designs and business requirements.

Firewall Configuration & Security

Configures host-based and cloud firewalls with security best practices to harden servers and implement network segmentation.

Testing Strategies

Architects comprehensive, high-performance test suites by strategically balancing unit, integration, E2E, and contract testing across multiple languages.

Advanced Debugging Techniques

Provides expert debugging strategies for Python, Go, Rust, and Node.js across local, containerized, and production environments.

Security Hardening

Hardens production infrastructure across OS, container, cloud, network, and database layers using CIS Benchmarks and zero-trust principles.

Secure Secret Management

Manages the lifecycle of API keys, database credentials, and certificates across cloud providers and Kubernetes environments.

Safe Code Refactoring

Systematically improves code structure and quality while strictly preserving external behavior through a test-driven protocol.

Secure TLS Implementation

Configures TLS certificates and encryption protocols to secure web applications and service-to-service communications.

LLM Evaluation Framework

Evaluates Large Language Model performance using automated metrics, LLM-as-judge patterns, and RAG validation frameworks.

Constitution Validation

Automates project governance through discovery-based rule generation and multi-level compliance checking.

SIEM & Security Logging

Configures centralized security information and event management systems for threat detection, compliance auditing, and log aggregation.

Secure SaaS Foundation

Implements essential security protocols, authentication best practices, and data protection standards for SaaS applications built with AI tools.

Systematic Debugger

Resolves application errors and failures through a disciplined, diagnostic-first approach optimized for solo founders.

SaaS Manual Testing & QA

Guides solo founders through comprehensive manual testing workflows, edge case identification, and cross-browser QA strategies.

TypeScript Testing (Frontend)

Standardizes frontend testing workflows using Vitest, React Testing Library, and MSW for production-grade React components.

Integration & E2E Test Designer

Designs high-ROI integration and E2E tests using behavior-first principles and property-based verification patterns.

Promptfoo LLM Evaluation

Automates and optimizes LLM output testing and prompt evaluation using the Promptfoo framework.

Repomix Safe Mixer

Protects sensitive data by automatically detecting and removing hardcoded credentials before packaging codebases with Repomix.

Manual Acceptance Tester

Automates the creation and execution of persistent bash-based manual test suites to verify story acceptance criteria.

AI Test Research Assistant

Conducts deep research into real-world edge cases, competitor solutions, and customer pain points to ensure comprehensive test coverage.

Code Quality & Architecture Checker

Performs automated code quality audits using quantitative metrics, architectural validation, and MCP-driven best practice research.

Quality Pipeline Coordinator

Orchestrates a comprehensive code quality pipeline by sequencing static analysis, tech debt cleanup, AI agent reviews, and regression testing.

Test Planning Orchestrator

Orchestrates the complete test planning pipeline by coordinating research, manual verification, and automated test creation.

QA Strategy & Testing Expert

Establishes professional QA testing processes and autonomous execution workflows using Google Testing Standards and OWASP security practices.

Automated Test Planner

Generates high-impact, risk-based automated test plans for E2E, integration, and unit testing based on real manual results.

Azure Compliance & Security Audit

Conducts comprehensive security audits and compliance assessments for Azure environments, including Key Vault monitoring and resource validation.

Coding Standards & Quality

Enforces production-grade coding principles, maintainability patterns, and rigorous testing workflows for software development.