Security & Testing Agent Skills

Web App Testing & Playwright Toolkit

Provides a comprehensive toolkit for automating and testing local web applications using Playwright and automated server management.

Web Application Testing

Automates frontend testing and browser interactions for local web applications using Playwright scripts.

TDD Workflow

Implements a rigorous Test-Driven Development cycle to ensure high-quality, bug-free code through Red-Green-Refactor principles.

TDD Workflow for Claude Code

Implements a rigorous Test-Driven Development cycle to ensure code reliability through the Red-Green-Refactor methodology.

Wireshark Network Traffic Analysis

Analyzes network packets and traffic patterns to troubleshoot connectivity, investigate security incidents, and optimize protocol performance.

Wireshark Network Traffic Analysis

Analyzes network traffic and packet captures using Wireshark to troubleshoot connectivity and investigate security incidents.

IDOR Vulnerability Testing

Provides systematic methodologies and workflows for identifying, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Shodan Reconnaissance & Pentesting

Automates network reconnaissance and vulnerability discovery using Shodan to identify exposed internet-connected devices and services.

Verified Completion Guardrail

Enforces a strict verification protocol requiring fresh command output and evidence before any work is claimed as complete.

Shodan Reconnaissance & Security Auditing

Conducts comprehensive reconnaissance on internet-connected devices and services using the Shodan search engine, CLI, and API.

Active Directory Attack & Audit

Facilitates comprehensive security assessments and penetration testing of Microsoft Active Directory environments through guided reconnaissance and exploitation workflows.

Verification Before Completion

Enforces rigorous evidence-based verification before any task is marked as finished, committed, or merged.

Privilege Escalation Methods

Provides comprehensive methodologies and technical commands for escalating system privileges on Linux and Windows environments.

Production Code Audit & Hardening

Transforms entire codebases into production-grade, enterprise-level systems through autonomous deep-scanning and systematic optimization.

API Security & Fuzzing Specialist

Conducts comprehensive security assessments and fuzzing across REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR and injection.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and identity theft.

Production Code Audit

Transforms codebases into enterprise-grade software by performing autonomous deep-scans for security, performance, and architectural vulnerabilities.

Broken Authentication Security Testing

Identifies and evaluates authentication and session management vulnerabilities in web applications to prevent unauthorized access and account takeovers.

API Fuzzing & Bug Bounty Toolkit

Guides comprehensive API security testing and vulnerability discovery across REST, GraphQL, and SOAP architectures.

Active Directory Security Assessment

Provides comprehensive workflows and technical guidance for professional Active Directory penetration testing and security auditing.

Vulnerability Scanner & Security Auditor

Conducts advanced security audits and vulnerability mapping based on the 2025 threat landscape and OWASP principles.

Production Code Auditor

Autonomously transforms entire codebases into enterprise-grade, production-ready software through deep-scan audits and automated refactoring.

Advanced Vulnerability Scanner

Identifies and prioritizes code vulnerabilities using OWASP 2025 standards, supply chain auditing, and attack surface mapping.

Active Directory Security Testing

Facilitates comprehensive penetration testing and security audits of Microsoft Active Directory environments.

Pentest Checklist

Guides users through a structured methodology for planning, executing, and managing professional penetration testing engagements.

Privilege Escalation Methods

Provides comprehensive techniques and automated workflows for escalating privileges on compromised Linux and Windows systems during security assessments.

Better Auth Integration

Implements comprehensive authentication and authorization flows in TypeScript applications using the framework-agnostic Better Auth library.

Verification Before Completion

Enforces strict evidence-based verification protocols before marking tasks as complete to ensure code reliability and integrity.

Pentest Checklist

Provides a structured methodology and comprehensive checklists for planning, executing, and remediating security penetration tests.

Verification Before Completion

Enforces rigorous evidence-based reporting and command verification before any task is marked as complete or successful.