Testing & Security

Create, review, and refactor project documentation (README, AGENTS.md, architecture docs, runbooks, API docs) with deep codebase analysis, clear markdown structure, and diagrams/user flows. Use when asked to write or improve docs, audit existing documentation for accuracy or quality, generate diagrams/flows, or assess agent-first docs like AGENTS.md/PLANS.md for freshness and completeness.

End-to-end guide for creating React components in AgenticFleet's frontend, from design tokens through Tailwind styling, shadcn/ui integration, state management, to testing.

Aggregates and summarizes the latest AI news from multiple sources including AI news websites and web search. Provides concise news briefs with direct links to original articles. Activates when user asks for 'today's AI news', 'AI updates', 'latest AI developments', or mentions wanting a 'daily AI briefing'.

Renders and validates Crossplane compositions with security and policy checks. Automatically activates when testing compositions, rendering examples, or validating resources with Polaris, kube-linter, and Datree. Works standalone or as part of complete KCL validation workflow.

Validates KCL Crossplane compositions with comprehensive checks including formatting, syntax validation, and rendering tests. Automatically activates when working with KCL files, Crossplane compositions, or before commits touching infrastructure/base/crossplane/configuration/. Prevents CI failures and catches critical bugs like the mutation pattern.

Arma Reforger Workbench workflow, testing guidelines, and debugging patterns

Master Python asyncio, concurrent programming, and async/await patterns for high-performance applications. Triggers: asyncio, async/await, coroutines, concurrent programming, async API, I/O-bound, websockets, background tasks, semaphores, async context managers Use when: building async APIs, concurrent systems, I/O-bound applications, implementing rate limiting, async context managers DO NOT use when: CPU-bound optimization - use python-performance instead. DO NOT use when: testing async code - use python-testing async module. Consult this skill for async Python patterns and concurrency.

Guide to effective Claude Code skill authoring using TDD methodology and persuasion principles. Triggers: skill authoring, skill writing, new skill, TDD skills, skill creation, skill best practices, skill validation, skill deployment, skill compliance Use when: creating new skills from scratch, improving existing skills with low compliance rates, learning skill authoring best practices, validating skill quality before deployment, understanding what makes skills effective DO NOT use when: evaluating existing skills - use skills-eval instead. DO NOT use when: analyzing skill architecture - use modular-skills instead. DO NOT use when: writing general documentation for humans. YOU MUST write a failing test before writing any skill. This is the Iron Law.

Workflow for capturing evidence and citations to create reproducible analyses and audit trails. Triggers: evidence capture, citations, reproducible analysis, audit trail, documentation, evidence logging, findings documentation Use when: conducting any review that needs evidence trails, creating audit documentation, ensuring reproducibility of analyses DO NOT use when: quick informal checks without documentation needs. DO NOT use when: structured output is the focus - use structured-output. Use this skill as foundation for all evidence-based review workflows.

detailed development workflow with modular patterns for git, code review, testing, documentation, and deployment

Standardized pytest configuration for plugin development with shared test patterns. Triggers: pytest configuration, conftest, fixtures, test setup Use when: setting up pytest for plugin development or creating fixtures

Monitor and optimize CPU/GPU usage with load measurement and cost-effective validation strategies. Triggers: CPU usage, GPU usage, performance, load monitoring, build performance, training, resource consumption, test suite, compilation Use when: session starts (auto-load with token-conservation), planning builds or training that could pin CPUs/GPUs for >1 minute, retrying failed resource-heavy commands DO NOT use when: simple operations with no resource impact. DO NOT use when: quick single-file operations. Use this skill BEFORE resource-intensive operations. Establish baselines proactively.

Configure GitHub Actions workflows for CI/CD (test, lint, typecheck, publish)

Update and maintain tests following TDD/BDD principles with detailed quality assurance. Triggers: test updates, test maintenance, test generation, TDD workflow, BDD patterns, test coverage, pytest, test enhancement, quality assurance Use when: updating existing tests, generating new tests for features, enhancing test quality, ensuring detailed coverage, pre-commit validation DO NOT use when: auditing test suites - use pensive:test-review. DO NOT use when: writing production code - focus on implementation first. Run git-workspace-review first to understand which tests need updates.

Authentication patterns for external services: API keys, OAuth, token management, verification. Triggers: authentication, API keys, OAuth, token management, credentials Use when: integrating external services or implementing authentication flows

System architecture: modules, project structure, ADRs, and testing. Use when designing or reviewing systems.

CQRS and Event Sourcing for auditability, read/write separation, and temporal queries. Triggers: CQRS, event sourcing, audit trail, temporal queries Use when: read/write scaling differs or audit trail required DO NOT use when: simple CRUD - use architecture-paradigms first.

Functional Core, Imperative Shell: isolate deterministic logic from side effects for testability. Triggers: functional core, imperative shell, pure functions, testability Use when: business logic is entangled with I/O or tests are brittle DO NOT use when: simple scripting without complex logic.

Evaluate and improve Claude skill quality through auditing. Triggers: skill audit, quality review, compliance check, improvement suggestions, token usage analysis, skill evaluation, skill assessment, skill optimization, skill standards, skill metrics, skill performance Use when: reviewing skill quality, preparing skills for production, auditing existing skills, generating improvement recommendations, checking compliance with standards, analyzing token efficiency, benchmarking skill performance DO NOT use when: creating new skills from scratch - use modular-skills instead. DO NOT use when: writing prose for humans - use writing-clearly-and-concisely. DO NOT use when: need architectural design patterns - use modular-skills. Use this skill BEFORE shipping any skill to production. Check even if unsure.

Enforces "prove before claim" discipline - validation, testing, and evidence requirements before declaring work complete. Triggers: completion, finished, done, working, should work, configured, ready to use, implemented, fixed Use when: claiming ANY work is complete, recommending solutions, stating something will work, finishing implementations DO NOT use when: explicitly asking questions or requesting clarification DO NOT use when: work is clearly in-progress and not claiming completion CRITICAL: This skill is MANDATORY before any completion claim. Violations result in wasted time and eroded trust.