Security & Testing Agent Skills

Find Bugs & Security Auditor

Audits local branch changes for security vulnerabilities, logic bugs, and code quality issues using a structured five-phase review process.

MoonBit PBT Workflow Guide

Orchestrates Property-Based Testing workflows in MoonBit repositories using the Aletheia toolchain.

Verification & Quality Assurance

Automates code verification and truth scoring with integrated rollback systems to maintain high codebase reliability.

Go Testing & Quality Assurance

Implements robust Go testing patterns using table-driven tests, mock generation, and standardized assertions to ensure high code quality.

Done Criteria Manager

Defines testable, binary acceptance criteria to ensure development tasks are successfully completed and verified by automated tools.

Cloudflare Security Guide

Guides the implementation of Cloudflare security solutions including Zero Trust, WAF, and DDoS protection.

APEX Systematic Debugging

Implements a hypothesis-driven debugging workflow that utilizes pattern-based intelligence to resolve complex software bugs.

Apex Ship

Automates adversarial code reviews, git commits, and task reflections to ensure high-quality production deployments.

macOS Desktop Automation

Automates native macOS application testing and desktop workflows using Hammerspoon and system-level input simulation.

PopKit Validation Engine

Validates PopKit plugin integrity through a structured Scan-Compare-Report-Apply workflow to ensure component consistency.

Systematic Debugging

Implements a rigorous four-phase framework that enforces root cause investigation before applying fixes to complex bugs or test failures.

Web Application Testing

Automates local web application testing and UI debugging using Playwright and integrated server management scripts.

GKE Runtime Security

Enforces GKE workload security through Pod Security Standards, admission controllers, and real-time behavioral monitoring with Falco.

Secure Code & Supply Chain

Identifies and remediates security vulnerabilities, manages SBOMs, and secures software supply chains using automated scanning and best practices.

Go Security Tooling

Implements standard, OpenSSF-certified Go security workflows using race detection, linting, and vulnerability scanning.

Automated Security Enforcement

Implements mandatory security guardrails and policy-as-code to ensure audit-ready compliance across the development lifecycle.

Secure Credential Storage

Implements secure patterns for managing and rotating GitHub App credentials across diverse CI/CD and infrastructure environments.

Test Coverage Analysis

Analyzes code coverage metrics, identifies testing gaps, and provides actionable recommendations to improve software quality.

GitHub Action SHA Pinning Guide

Secures CI/CD pipelines by enforcing immutable SHA-256 commit pinning for GitHub Actions to prevent supply chain attacks.

Kubernetes RBAC Security Templates

Secures Kubernetes clusters by enforcing OPA-based RBAC policies that prevent privilege escalation and wildcard permissions.

Security Review & Vulnerability Analysis

Conducts deep adversarial security audits of API endpoints, UI flows, and database interactions to identify and fix vulnerabilities.

FoundationDB Simulation Testing

Facilitates the creation of deterministic, chaos-driven simulation workloads for FoundationDB using Rust.

Bats Shell Testing Patterns

Master the Bash Automated Testing System (Bats) to implement robust, unit-tested shell scripts and CI/CD pipelines.

Dify Frontend Testing

Generates production-grade Vitest and React Testing Library tests for Dify frontend components, hooks, and utilities.

MOVA Evidence & Proof Verification

Generates deterministic evidence-first reports and proof kits for safe, verifiable code modifications and security audits.

Systematic Debugging

Investigates and resolves software bugs through a structured process of reproduction, root cause analysis, and regression testing.

Accessibility Checker

Verifies WCAG 2.1 Level AA compliance for React and HTML components to ensure inclusive and accessible user interfaces.

Hookify Rule Manager

Streamlines the creation and configuration of Hookify rules to enforce security guardrails and coding standards within Claude Code.

Web App Testing with Playwright

Automates end-to-end web application testing and debugging using Playwright to ensure seamless frontend functionality and UI integrity.

Test Orchestrator

Manages comprehensive testing strategies and execution across unit, integration, and E2E layers to ensure high software quality.