Security & Testing Agent Skills

Security & Dependency Audit

Conducts comprehensive security audits of project dependencies, configurations, and sensitive files to identify and remediate vulnerabilities.

Systematic Debugger

Enforces a disciplined, multi-phase methodology for root cause investigation and verified bug resolution within Claude Code.

Workflow Testing Agent

Automates software verification and unit testing by delegating validation tasks to a specialized subagent.

Git Diff Reviewer

Analyzes staged and unstaged Git changes to identify bugs, security risks, and incomplete code before you commit.

ASTRA E2E Test Scenario Generator

Generates comprehensive end-to-end test scenarios by analyzing project blueprints, database designs, and API endpoints.

SonarCloud Security Audit Tool

Conducts automated security audits of SonarCloud vulnerabilities and hotspots across NASA PDS repositories and exports detailed reports for triage.

Verification Before Completion

Enforces a strict discipline of running fresh verification commands and analyzing actual output before claiming any task is finished or successful.

Rockets Runtime Diagnostics

Diagnoses and fixes startup, build, and ACL configuration issues within Rockets SDK projects.

Debugging Checklist

Provides a structured, systematic approach to troubleshooting and resolving complex software bugs through prioritized checklists.

Rockets Access Control

Implements and manages granular Access Control Lists (ACL) and Role-Based Access Control (RBAC) for secure backend services.

Browser Test Conventions

Establishes standardized configurations, severity classifications, and security protocols for automated browser testing workflows.

Fofum Solidity Audit

Conducts comprehensive security audits of EVM-compatible smart contracts using a systematic five-phase methodology and real-world exploit patterns.

Maestro Mobile UI Testing

Automates the creation, execution, and maintenance of deterministic Maestro YAML test flows for mobile applications.

LiteJS Testing Framework

Simplifies writing, running, and debugging tests using the zero-dependency LiteJS testing framework for Node.js and browsers.

Testing Anti-Pattern Guardrails

Enforces high-quality testing practices by identifying and preventing common anti-patterns like testing mocks or polluting production code.

Test-Driven Development (TDD)

Enforces a disciplined Red-Green-Refactor cycle by requiring failing tests before any production code is written.

Security & Safety Mindset

Implements proactive threat modeling, least-privilege design, and robust safety guardrails into every code change.

Engineering Verification

Enforces an evidence-based verification protocol to ensure all code changes are validated with fresh command output before completion.

Scalekit Full-Stack Logout Implementation

Automates the creation of secure OIDC logout flows for Scalekit integrations across major backend frameworks.

Scalekit Session Management

Implements secure, encrypted session management using Scalekit tokens with automated refresh logic and industry-standard cookie attributes.

Rigorous Validation

Enforces reproducible testing and evidence-driven verification to ensure code quality before merging.

Penetration Testing Adapter

Automates web application security audits and vulnerability scans to identify OWASP Top 10 threats.

Temporal Coalgebra Observation

Verifies system behavioral equivalence through formal coalgebraic observation and final bisimulation analysis.

React Native Security Audit

Identifies security vulnerabilities, sensitive data leaks, and insecure implementation patterns in React Native applications across both JavaScript and native code layers.

Angular Debugger Pro

Diagnoses and resolves complex Angular application errors using systematic debugging techniques and expert-level diagnostic patterns.

Codex-AI Advanced Code Intelligence

Automates deep code reviews, algorithm design, and architectural analysis using high-reasoning Codex models.

Solidity Smart Contract Patterns

Implements battle-tested Solidity design patterns and OpenZeppelin security standards for robust Ethereum smart contract development.

Newman API Testing & Automation

Automates API testing workflows using Newman and Postman collections with robust environment management and reporting.

Web Accessibility Auditor

Conducts automated accessibility audits to ensure web applications comply with WCAG standards and ARIA best practices.

Playwright E2E Test Suite

Automates comprehensive end-to-end testing by researching codebases, executing Playwright browser journeys, and verifying database integrity.