Security & Testing Agent Skills

Container Security & Escape Expert

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

Security File Transfer Techniques

Facilitates advanced file transfers and data exfiltration across Linux and Windows using diverse protocols and living-off-the-land techniques.

Linux Privilege Escalation

Identifies and exploits Linux privilege escalation vectors including SUID binaries, sudo misconfigurations, and kernel vulnerabilities.

Network Service Enumeration

Performs professional-grade discovery, enumeration, and security assessment of network services and database protocols.

Password Attacks & Credential Cracking

Conducts professional password hash cracking, credential spraying, and authentication brute-force attacks using industry-standard tools.

Phishing and Social Engineering Toolkit

Conducts authorized social engineering assessments, phishing simulations, and credential harvesting to test organizational security awareness.

Web3 & Smart Contract Security

Audits and identifies vulnerabilities in smart contracts and Web3 applications using expert penetration testing techniques.

Windows Privilege Escalation Expert

Provides expert guidance and automated command patterns for escalating privileges on Windows systems during security audits.

CodeQL Security Analysis

Performs deep static analysis to identify security vulnerabilities, track data flow, and perform taint analysis across complex codebases.

Differential Security Review

Performs deep, security-focused differential analysis on code changes to identify risks, calculate blast radius, and prevent vulnerabilities.

Security Audit & OWASP Compliance

Performs comprehensive security reviews and code audits using the OWASP Top 10 framework to identify and remediate vulnerabilities.

Bug Finder & Security Auditor

Performs deep security audits and bug detection on local branch changes using a rigorous five-phase analysis process.

Playwright E2E Test Suite

Automates comprehensive end-to-end testing by researching codebases, executing Playwright browser journeys, and verifying database integrity.

BD Test Design

Architects comprehensive software testing strategies and implementations across unit, integration, and E2E layers.

Subagent Quality Reviewer

Analyzes and optimizes Claude Code subagents based on industry best practices to ensure high-quality, reliable AI workflows.

Security Incident Response

Manages the end-to-end lifecycle of security vulnerability reports and patches through coordinated disclosure and timely communication.

Architecture Review Agent

Audits cloud-native architectures and codebases to ensure high reliability, security, and operational readiness.

ERC-4337 Privacy Wallet Dev

Builds secure, privacy-preserving ERC-4337 account abstraction wallets for vehicle identity and sensitive data protection.

Code Reviewer Pro

Reviews code changes for security, performance, and maintainability while providing actionable, prioritized feedback aligned with repository standards.

Python Security and Privacy Refactoring

Audits Python research code for data leaks, PII exposure, and license compliance risks.

Validate-Integrity 150

Validates work quality and goal alignment through a rigorous final self-check protocol before delivery.

MCP Testing Suite

Provides standardized patterns and utilities for unit testing and LLM-driven evaluation of Model Context Protocol (MCP) tools.

Firebase APK Security Scanner

Audits Android APK files for Firebase security vulnerabilities and misconfigurations including exposed databases and storage buckets.

Verification Loop

Automates comprehensive quality assurance gates including build verification, type checking, testing, and security scanning for coding workflows.

Cosmos Vulnerability Scanner

Identifies consensus-critical vulnerabilities and security flaws in Cosmos SDK modules and CosmWasm smart contracts to prevent chain halts and fund loss.

Memory Forensics Guide

Facilitates advanced memory acquisition, process analysis, and artifact extraction for incident response and malware investigations.

Systematic Debugging Strategies

Master methodical debugging techniques and root cause analysis to efficiently resolve bugs and performance issues across any technology stack.

Temporal Python Testing

Implements robust testing strategies for Temporal workflows using pytest, time-skipping, and comprehensive activity mocking.

Load Testing Adapter

Generates and executes comprehensive load test scripts to validate application performance and identify architectural bottlenecks.

Kubernetes Security Policies

Implement production-grade Kubernetes security using NetworkPolicies, Pod Security Standards, and RBAC configurations.