Testing & Security

Guide and run a SharePoint audit locally. Collect inputs, confirm PowerShell 7.4+ and Python 3.10+ are available, call PowerShell with certificate auth via wrapper, parse audit.json, and render Markdown/HTML. Use only local shell commands.

Probability, distributions, hypothesis testing, and statistical inference. Use for A/B testing, experimental design, or statistical validation.

Build robust backend systems with modern technologies (Node.js, Python, Go, Rust), frameworks (NestJS, FastAPI, Django), databases (PostgreSQL, MongoDB, Redis), APIs (REST, GraphQL, gRPC), authentication (OAuth 2.1, JWT), testing strategies, security best practices (OWASP Top 10), performance optimization, scalability patterns (microservices, caching, sharding), DevOps practices (Docker, Kubernetes, CI/CD), and monitoring. Use when designing APIs, implementing authentication, optimizing database queries, setting up CI/CD pipelines, handling security vulnerabilities, building microservices, or developing production-ready backend systems.

Complete TDD workflow for creating comprehensive failing test suites across all architectural layers (entities, use cases, services, APIs, E2E) using Vitest, Playwright, and Testing Library. Mandatory Context7 consultation for latest testing patterns.

Update ClaudeKit Engineer projects to the latest version. Capabilities include update single projects (safe mode with test branches), batch update multiple projects, find all ClaudeKit projects in home directory, verify updates with automated checks, preserve user settings and code, create timestamped backups, handle git workflows (branch, commit, merge), and rollback if needed. Use when user wants to update ClaudeKit framework, upgrade to latest version, apply new features/skills/commands, or maintain multiple ClaudeKit projects.

Эксперт Detox тестирования. Используй для React Native E2E tests и mobile automation.

Use when investigating test suite issues, reducing CI/CD time, identifying brittle tests, finding test duplication, or analyzing test maintenance burden - reveals test code quality problems through git history analysis

Testing workflow for quality assurance. Use after implementation to run tests, check coverage, and validate critical paths.

Test-Driven Development with Arcanean philosophy - write tests first, fail intentionally, implement minimally, refactor with confidence. Embodies the Arcanean principle that constraint liberates creativity.

Quick reference for Smithery and Cloudflare deployment operations. Use for deploying Canvas MCP server, managing workers on ariff.dev, and testing OAuth endpoints.

Browser automation with Playwright for Python. Recommended for visual testing. (project)

Security best practices for Python development. Activated when working with security concerns, input validation, injection prevention, or threat modeling.

Audit Jupyter notebooks for hardcoded values that contradict configuration cells. Trigger when: (1) notebook behavior differs from documented settings, (2) updating notebook version, (3) finding inconsistent values across cells.

Complete Test-Driven Development workflow coordinating RED → GREEN → REFACTOR → COMMIT cycle with requirement traceability. Use this when implementing a requirement (REQ-*) or adding new functionality.

Deep code review with web research to verify against latest ecosystem. Use when user says 'double check against latest', 'verify versions', 'check security', 'review against docs', or needs deep analysis beyond automatic quality hook.

Integration Test E2E 테스트, TestRestTemplate 필수, Test Fixtures 재사용.MockMvc 금지, @Sql 어노테이션 테스트 데이터 설정.Gradle testFixtures 플러그인 활용, ArchUnit 의존성 검증.

Fetch Jira issues from Windows machine via syncer-cli 2.0. Use when user asks to get/fetch/download Jira tasks, analyze Jira issues, or work with issue tracker. Keywords: "Jira", "issue", "task", "VA-", "ticket", "get task", "fetch issue", ".env-extended", "JIRA_URL", "JIRA_TOKEN". Knows about execute-script patterns, .env-extended config, SSL certificate handling, and stdout-based result retrieval.

Small business finance, tax strategy, and wealth management. Auto-activates for Augusta Rule, home office deduction, Solo 401k, R&D credits, tax optimization, Mercury/Ramp operations, Bitcoin treasury, IRS notices, audit defense, and bootstrapped founder CFO work.

Perform comprehensive code reviews focusing on correctness, security, performance, maintainability, and best practices. Use after code changes to ensure quality standards before merging.

Expert guidance for testing and validating GitHub Actions workflows before deployment - catches cache errors, path issues, monorepo dependencies, and service container problems that local testing misses