Security & Testing Agent Skills

Data Privacy Scanner

Scans codebases and configuration files to identify sensitive data exposure, PII leaks, and regulatory compliance violations.

Web Application Testing

Automates local web application testing and browser interaction using Playwright and lifecycle management scripts.

Secret Scanner

Identifies and remediates exposed secrets, API keys, and sensitive credentials within your codebase to prevent security breaches.

Security Audit Reporter

Generates comprehensive security audit reports identifying vulnerabilities, compliance gaps, and actionable remediation steps.

Mobile App Testing Automation

Automates comprehensive end-to-end testing for iOS and Android applications using industry-standard frameworks like Appium, Detox, and XCUITest.

Visual Regression Tester

Automates visual consistency checks by capturing and comparing screenshots against baselines to detect unintended UI regressions.

Test-Driven Development (TDD) Suite

Implements systematic Test-Driven Development using the Red-Green-Refactor-Commit cycle and Baby Steps methodology to ensure high-quality, reliable code.

Web3 Smart Contract Testing

Implements comprehensive testing frameworks and patterns for Solidity smart contracts using Hardhat and Foundry.

Secure Authentication Patterns

Implements industry-standard authentication and authorization patterns including JWT, OAuth2, and role-based access control for secure application development.

Performance Test Suite

Automates the design, execution, and analysis of performance tests to identify system bottlenecks and optimize application stability.

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools for automated vulnerability detection across multiple programming languages.

JavaScript Testing Patterns

Implements professional testing strategies for JavaScript and TypeScript applications using Jest, Vitest, and Testing Library.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and fixtures to ensure robust and maintainable codebases.

Temporal Python Testing

Implements comprehensive testing patterns for Temporal workflows using pytest, featuring time-skipping and determinism validation.

E2E Testing Patterns

Master end-to-end testing with Playwright and Cypress to build reliable, maintainable test suites that catch regressions and ensure deployment confidence.

Plugin Auditor

Audits Claude Code plugins for security vulnerabilities, repository compliance, and architectural best practices.

Chaos Engineering Toolkit

Executes controlled failure injection experiments and resilience tests to ensure systems remain robust under turbulent conditions.

Test Quality Analysis

Analyzes test suites to detect anti-patterns, improve coverage, and eliminate flaky tests for more reliable software delivery.

OWASP Security Reviewer

Conducts comprehensive security audits and vulnerability detection based on the OWASP Top 10 framework.

Authentication Security Validator

Validates authentication implementations against security best practices to ensure robust user protection and industry compliance.

Security Headers Analyzer

Analyzes HTTP security headers to identify website vulnerabilities and provides actionable hardening recommendations.

Advanced Pytest Testing

Implements sophisticated Python testing patterns including scoped fixtures, parallel execution, and async support for robust application suites.

Property-Based Testing

Automates test case generation and edge-case discovery using fast-check for TypeScript and Hypothesis for Python.

Session Security Auditor

Analyzes codebase session management practices to identify vulnerabilities like session fixation, weak ID generation, and improper expiration.

Python Testing with pytest

Simplifies Python test suite creation and maintenance using pytest, mocking, and comprehensive coverage analysis.

Code Review Checklist

Automates structured code reviews by evaluating security, performance, correctness, and maintainability against industry best practices.

Secret & Credential Scanner

Identifies and remediates exposed secrets, API keys, and credentials within codebases using advanced pattern matching and entropy analysis.

SDD Plan Review

Conducts multi-model AI consultations to provide structured feedback and risk assessments for technical specifications before implementation begins.

Authentication Validator

Validates application authentication implementations against security best practices and industry standards to identify vulnerabilities.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers for consistent software testing.