Testing & Security

Generates test files and testing utilities for Vue 3 applications. Ensures mandatory .spec.ts files are created alongside components, views, stores, directives, and utilities.

Generate images using Google Gemini NanoBanana via browser automation. Use this skill for general-purpose AI image generation from text prompts. Includes persistent authentication, automatic environment setup, and reference image support for style matching.

This skill should be used when investigating .NET project dependencies, understanding why packages are included, listing references, or auditing for outdated/vulnerable packages.

自动化测试专家，精通单元测试、集成测试、E2E测试和性能测试。能够设计和实施全面的测试策略，确保软件质量和可靠性。

A minimal test skill to verify Skills loading works

Automates cleanup of old container images from DigitalOcean registries based on retention policies. Keeps last 10 tags for staging, 30 for production, always preserves :latest.

This skill should be used when working with Bun, a fast JavaScript runtime and toolkit. Use this skill for tasks involving Bun runtime execution, package management, bundling, testing, or when users ask about Bun-specific features, APIs, or best practices. Trigger when users mention "bun" commands, Bun's APIs, or request help with Bun installation, configuration, or usage.

Performs comprehensive WordPress site speed and performance audits. Use when analyzing WordPress themes, plugins, or sites for performance optimization opportunities, checking image/video optimization, database queries, caching, or identifying speed bottlenecks.

Use this skill when the user needs help designing, implementing, testing, or troubleshooting automated response playbooks using LimaCharlie's Playbook extension.

Generates a comprehensive project health report by aggregating task status and QA test results. Provides unified monitoring of process health (tasks) and product health (tests) with risk indicators and trend analysis.

NPM registry configuration template (.npmrc.template) and validation logic for GitHub Packages authentication with pnpm hoisting settings. Includes 4 critical standards (GitHub Package Registry config with token placeholder, pnpm hoisting for monorepo compatibility, exact version management, security documentation). Use when creating or auditing .npmrc.template files to prevent token leakage.

WHEN: GraphQL schema review, resolver patterns, N+1 detection, query complexity, API securityWHAT: Schema design + N+1 detection + Query complexity + Input validation + Error handling + DataLoader patternsWHEN NOT: REST API → api-documenter, Database schema → schema-reviewer, ORM → orm-reviewer

Transform into UX Explorer role for direct Playwright browser testing. Tests GAO-Dev web interface in greenfield (Docker) or brownfield (local dev) mode. Use when testing UI, finding bugs, or verifying fixes.

Expert en développement front-end moderne - HTML, CSS, JavaScript, TypeScript, frameworks, testing, performance et tooling

Deep architectural audit focused on finding dead code, duplicated functionality, architectural anti-patterns, type confusion, and code smells. Use when user asks for architectural analysis, find dead code, identify duplication, or assess codebase health.

Implement OAuth 2.1 / OIDC authentication using Better Auth with MCP assistance. Use when settingup a centralized auth server (SSO provider), implementing SSO clients in Next.js apps, configuringPKCE flows, or managing tokens with JWKS verification. Uses Better Auth MCP for guided setup.NOT when using simple session-only auth without OAuth/OIDC requirements.

Visual regression for canvas-rendered matrix progressions. Tests filmstrip strips that show how 2D data evolves visually over time. Auto-apply when editing *Progressions.ts strip definitions or stories with filmstrip components.

Implement secure file uploads with validation, size limits, type checking, virus scanning, and UUID naming. Use when handling file uploads like profile photos, documents, or resources.

Azure AD OAuth2/OIDC SSO integration for Kubernetes applications. Use when implementing Single Sign-On, configuring Azure AD App Registrations, restricting access by groups, or integrating tools (DefectDojo, Grafana, ArgoCD, Harbor, SonarQube) with Azure AD authentication.

Write minimal, strategic tests focused on core user flows and critical paths rather than comprehensive coverage. When creating or modifying test files for unit tests, integration tests, or end-to-end tests. When working on test files (*.test.ts, *.spec.ts, __tests__/*). When writing tests for critical user workflows and primary functionality. When testing behavior rather than implementation details. When mocking external dependencies or ensuring fast test execution. When deciding which parts of the codebase require testing coverage.