Testing & Security

ファイル編集・コミット準備時に使用。シークレット漏洩防止チェックを実施。

Provides guidance on spec-driven, test-driven, iterative development methodology. Activated when user asks about MVP-first development, iterative workflows, TDD cycles, specification writing, or how to structure feature development.

MUST INVOKE this skill when working with SKILL.md files, authoring new skills, improving existing skills, or understanding skill structure and best practices. Create, audit, and maintain AI agent skills.

Live testing and validation of production research API for strategy optimization loops

Create the deliverable (code, documentation, tests, content) following the user's standards and best practices. Use after validation passes to actually build the work product.

Safe Python code execution using pyx CLI. Use when: running Python, executing scripts, testing code. Triggers: pyx, run python, execute code, test script. Default mode: MANIFEST_IO (file-first with manifest output).

Automates development of TogetherOS Rewards module features. Use when building reward types, implementing validation, creating UI components, writing tests, or updating Rewards documentation. Handles end-to-end implementation from entity models through API handlers to frontend components.

Comprehensive mobile app testing strategies for iOS and Android. Covers unit tests, UI tests, integration tests, performance testing, and test automation with Detox, Appium, and XCTest.

Guides writing bundler tests using itBundled/expectBundled in test/bundler/. Use when creating or modifying bundler, transpiler, or code transformation tests.

Converting backtest visualizations from bar indices/timesteps to actual datetime axes for clearer time context

Automatically find the latest portfolio CSVs, process them, and display visualizations in web browser. Use when you want a complete portfolio analysis with one command.

Generate realistic CSV data files with proper headers, data types, and configurable row counts for testing, demos, and development. Triggers on "create CSV data", "generate CSV file", "fake CSV for", "sample data CSV", "test data spreadsheet".

Escape Docker containers and exploit Kubernetes clusters using privileged containers, Docker socket access, misconfigurations, and API abuse. Use when testing container security or performing container escape.

Prevents 30+ critical AI/ML mistakes including data leakage, evaluation errors, training pitfalls, and deployment issues. Use when working with ML training, testing, model evaluation, or deployment.

Guides strict TDD (red/green/refactor), prioritizing domain unit tests and small steps.

专业安全审计专家，精通漏洞扫描、渗透测试、合规检查和安全代码审查。帮助企业识别和修复安全风险，确保系统和数据的安全性。

Build autonomous end-to-end full-stack testing agents using Claude's Computer Use API, LangGraph orchestration, and hybrid Playwright automation. Use this skill when building testing infrastructure, test automation, CI/CD test integration, or self-healing test systems.

Enterprise Clerk Authentication Platform with AI-powered modern identity architecture, Context7 integration, and intelligent user management orchestration for scalable applications

Comprehensive security vulnerability scanning. Use when checking for OWASP vulnerabilities, scanning for secrets/API keys, auditing dependencies for CVEs, or running pre-commit security checks.

Validate planning documents before implementation begins. Checks ambiguity resolution, prerequisites, and testing methods. Use when: - Before starting implementation of a ticket - User says "validate plan", "check plan", "ready to implement?" - After completing 2-plan.md and 3-spec.md - Before TDD cycle begins