Testing & Security

Analyze and reorganize git branch history into logical, shippable commits. Automatically identifies patterns like RuboCop fixes, test iterations, and implementation evolution, then creates clean commit history with comprehensive messages.

Expert guidance for software testing and quality assurance. Use when the user asks to write tests, create test plans, review code for bugs, perform code reviews, write test cases, set up testing frameworks, debug issues, validate requirements, create bug reports, perform regression testing, or improve test coverage. Triggers on testing, QA, quality assurance, test cases, bug reports, test automation, unit tests, integration tests, E2E tests, test coverage, debugging, code review.

Ensure backend build readiness for Espresso Engineered. Use when backend code/config changes are made or when a feature/task is wrapping up to suggest running `npm run build:backend` (and tests only if requested).

Ruby on Rails 8 and Ruby 3.2 backend development. Use when working on Rails applications, API development, ActiveRecord models, database migrations, service objects, serializers, RSpec testing, or Ruby code optimization. Triggers on Rails-specific patterns like controllers, models, migrations, jobs, concerns, serializers, and Rails configuration.

Manage Google Tasks with full CRUD operations via Ruby scripts. This skill should be used when working with Google Tasks - creating, reading, updating, deleting, and organizing tasks and task lists. Supports task completion, subtask creation, task ordering, and integration with other Google skills through shared OAuth authentication.

Use when presenting audit discrepancies to user for decision (HITL). For each discrepancy show file path, diff (template vs actual), and ask user what to do - [1] apply template, [2] update template (PR), [3] ignore, or [4] custom instruction. Records decisions for remediation phase.

Execute golden tests that compare the extracted OCaml interpreter against MLIR toolchain output. Use when validating semantics implementation or debugging differences between formal semantics and MLIR behavior.

WordPress Playground for instant browser-based WordPress testing. Use for quick demos, plugin testing, or ephemeral development environments without Docker.

Generate structured prompts for frontend development tasks following established patterns. Use when the user requests prompts for wireframes, UI implementation, data binding, or routing functionality in React/Next.js projects with specific formatting requirements (Cursor rules, file paths, test-driven development).

Web research and literature search capabilities for external resources. LOAD THIS SKILL WHEN: User says "搜尋", "search", "找資料", "查詢", "檢索", "web search", "網路搜尋" | needs external documentation | research task | API reference lookup | technology comparison | wants latest information. CAPABILITIES: Technical docs (MDN, GitHub, Stack Overflow), academic papers (PubMed integration), API documentation, real-time web data via fetch_webpage, structured search results.

Identifies, categorizes, and articulates code issues with brutal honesty and quantifiable specificity. Use when reviewing code, providing feedback, performing code audits, or when user needs direct assessment of code quality.

이슈관리 보드의 전체 이슈 품질 감사. Use when (1) 중복 이슈 검토, (2) 필수 필드 누락 검토, (3) Projects 미연결 검토, (4) task 이슈 작업량 미할당 검토.

Expert in authoring Gherkin-compliant behavior specifications (Given, When, Then). Use when defining executable scenarios for feature specifications or acceptance tests.

Django framework best practices including project structure, ORM, and security.

Export Azure Logic App workflows to the local project. Checks Azure CLI authentication, confirms subscription, and exports workflow definitions, connections, and configuration for a specified Logic App.

Implements authentication with Clerk including user management, protected routes, middleware, and React components. Use when adding authentication, managing users, protecting routes, or implementing sign-in/sign-up flows.

FastAPI 0.121+ production patterns with async SQLAlchemy 2.0.44, Pydantic V2.12.4, dependency injection, and enterprise architecture. Use for REST API development.

AWS CLI v2 quick-reference for experienced developers. Covers compute (Lambda, ECS, EKS), storage (S3, DynamoDB, Aurora), networking (VPC, SSM tunneling), security (IAM, Secrets Manager), and GitHub Actions CI/CD. Use when asked to "write aws commands", "debug aws access", "set up cross-account roles", "configure aws cli", "assume role", "S3 bucket operations", or "deploy to ECS".

Create or update pytest coverage for the tic-tac-toe project, including win/draw detection, move validation, bot legality/optimality, and mixed human/bot turn flow. Use when adding or editing tests under the tests/ directory.

Review test cases for OAuth/OIDC error handling. Covers authorization endpoint errors, token endpoint errors, error response formats, HTTP status codes, and all error codes per OAuth 2.1 and OIDC Core 1.0.