Testing & Security

Use when writing or changing tests, adding mocks, or tempted to add test-only methods to production code - prevents testing mock behavior, production pollution with test-only methods, and mocking without understanding dependencies

Automated E2E test infrastructure setup with Playwright, Vitest, MSW, and GitHub Actions. Generates 80%+ coverage tests based on REDR-prototype patterns.

Generates complete, runnable RSpec tests for Rails models, services, controllers, and background jobs following project conventions. Use when new code is created without corresponding tests, when refactoring existing code, or when explicitly asked to add test coverage.

Comprehensive system for managing llms.txt and my-blog.json files across the project. Handles creation, updating, and synchronization of AI-readable content catalogs. Automatically detects when working with llms.txt files, my-blog.json files, or updating blog content. Includes utilities for fetching latest content from query-index.json and organizing by last modified dates. Keywords include llms.txt, my-blog.json, blog catalog, content index, query-index.json, AI content discovery, update llms, update blog, content synchronization.

Node chain testing templates for quality agent. WorkflowBuilder patterns and tier-based testing. Use when: testing node chains, WorkflowBuilder patterns, tier-based testing, chain execution tests, simple/complex/full chain tiers.

Least-privilege IAM roles for GKE nodes and workloads. Workload Identity Federation for external authentication and comprehensive audit logging for visibility.

Next.js 15 API route patterns, NextRequest, NextResponse, error handling, maxDuration configuration, authentication, request validation, server-side operations, route handlers, and API endpoint best practices. Use when creating API routes, handling requests, configuring timeouts, or building server-side endpoints.

Proactively investigates Go SSO codebase to understand authentication flows, trace gRPC request paths, analyze clean architecture patterns, and provide comprehensive backend code insights. Use when users ask about SSO implementation, service structure, database queries, or need to understand how authentication/authorization works.

CLAUDE Framework coding standards for code quality, naming conventions, error handling, security, testing, database, and logging

ユニットテスト、統合テスト、E2Eテストのコード生成を支援します。テスト設計、AAA パターン、テストシナリオを提供します。テストコード実装、テストカバレッジ拡大が必要な場合に使用してください。

Automated code validation for diff review, change hygiene, and red flag detection. Use when reviewing git diffs, PRs, or changed files for test disabling patterns, secrets, path portability issues, security flags, and large deletions. Supports Python, TypeScript, JavaScript, HTML, and CSS.

Generate pytest test templates for LiquidationHeatmap modules following TDD patterns. Automatically creates RED phase tests with fixtures, coverage markers, and integration test stubs.

Handle Advent of Code answer submissions with intelligent retry logic. Submits answers via aoc-cli, parses responses, handles failures, analyzes edge cases when tests pass but submission fails, and manages exponential backoff. Use when submitting AoC answers, handling submission failures, or implementing retry logic.

Use when creating or editing skills, before deployment, to verify they work under pressure and resist rationalization - applies RED-GREEN-REFACTOR cycle to process documentation by running baseline without skill, writing to address failures, iterating to close loopholes

Container security, secret management, compliance, and secure infrastructure.

Package Go CLIs as minimal secure containers with distroless base images. Static binaries, non-root users, read-only filesystems for production.

Lossless image optimization using ImageOptim on macOS. Use when user mentions ImageOptim, asks to optimize images, or invokes /image-optim.

Better Auth authentication library for TypeScript. Covers session management, passkeys, social auth, and organization features. Triggers on better-auth, auth, session, passkey.

Senior Backend Developer with 10+ years Java and 5+ years Spring Boot experience. Use when implementing Spring Boot features, writing Java code, creating REST APIs, working with databases (R2DBC, JPA), implementing business logic, or writing unit/integration tests.

Security auditing with OWASP Top 10 2025 compliance and vulnerability detection