Testing & Security

Bootstraps complete backend with Apso, including API setup, database configuration, and testing. Triggers when user needs to create backend, setup API, or initialize server.

Reference and maintain the project's technology stack including frameworks, languages, databases, testing tools, and third-party services to ensure consistency across the codebase. Use this skill when making technology decisions, adding new dependencies, choosing appropriate tools or libraries, configuring build systems, setting up testing frameworks, or documenting the tech stack. Apply this skill when selecting which framework, library, or tool to use for a given task, when ensuring code follows the conventions of the chosen stack (React patterns, Python idioms, Rails conventions), when integrating third-party services, or when documenting technology choices in README or architecture documentation. This skill ensures all team members use consistent technologies, new additions align with existing stack decisions, technology choices are documented with rationale, and the project maintains coherent patterns rather than mixing conflicting approaches or frameworks.

E2E 테스트, Flyway vs @Sql 분리, TestRestTemplate 필수. MockMvc 금지. /kb-integration 명령 시 자동 활성화.

Expert at handling Supabase database migrations, creating RPC functions, managing RLS policies, and updating database schemas. Use when working with migrations, database schema changes, SQL functions, or Row Level Security policies.

Use to avoid critical testing mistakes. Five Iron Laws: Never test mock behavior, Never add test-only methods, Never mock without understanding, Always integration test, Always test error paths.

EditorConfig file validation and template for enforcing consistent coding styles across editors and IDEs in monorepos. Includes 4 required standards (root declaration, universal settings with UTF-8/LF/2-space defaults, language-specific sections for JS/TS/JSON/YAML/Markdown/Python/Shell/SQL/Docker/Prisma, root-only placement in monorepos). Use when creating or auditing .editorconfig files to ensure consistent code formatting.

Calculate Monaco payslips (bulletin de salaire) with social security contributions, taxes, and net salary. Use when user requests Monaco payslip calculations, salary breakdowns for Monaco employees, or needs to compute Monegasque employer/employee contributions.

Official NestJS starter with modular architecture and Jest testing.

Implement comprehensive testing strategies with pytest, fixtures, mocking, and test-driven development. Use when writing Python tests, setting up test suites, or implementing testing best practices.

Kyverno network security policies that enforce NetworkPolicy requirements, Ingress rules, and Service restrictions in Kubernetes.

Battle-tested automation patterns for GitHub Actions, Argo, and Kubernetes. Build resilient, idempotent workflows that scale with hub-and-spoke design.

Root package.json configuration for MetaSaver monorepos. Use when creating or auditing root package.json files to ensure workspace configuration, required scripts (build, dev, lint, test, format, clean), turbo pipeline scripts, packageManager field, and only devDependencies at root (no dependencies except cross-platform binaries).

Assess and enhance software projects for enterprise-grade security, quality, and automation. Use when evaluating projects for production readiness, implementing supply chain security (SLSA, signing, SBOMs), hardening CI/CD pipelines, or establishing quality gates. Aligned with OpenSSF Scorecard, Best Practices Badge (all levels), SLSA, and S2C2F. By Netresearch.

Analyze test coverage and add new test cases to improve coverage without changing implementation

Guide for implementing MongoDB - a document database platform with CRUD operations, aggregation pipelines, indexing, replication, sharding, search capabilities, and comprehensive security. Use when working with MongoDB databases, designing schemas, writing queries, optimizing performance, configuring deployments (Atlas/self-managed/Kubernetes), implementing security, or integrating with applications through 15+ official drivers. (project)

Complete knowledge domain for Cloudflare Browser Rendering - Headless Chrome automation with Puppeteer and Playwright on Cloudflare Workers for screenshots, PDFs, web scraping, and browser automation workflows. Use when: taking screenshots, generating PDFs from HTML or URLs, web scraping content, crawling websites, browser automation tasks, testing web applications, managing browser sessions, performing batch browser operations, integrating with AI for content extraction, or encountering browser rendering errors, XPath selector errors, browser timeout issues, concurrency limits, memory exceeded errors, or "Cannot read properties of undefined (reading 'fetch')" errors. Keywords: browser rendering cloudflare, @cloudflare/puppeteer, @cloudflare/playwright, puppeteer workers, playwright workers, screenshot cloudflare, pdf generation workers, web scraping cloudflare, headless chrome workers, browser automation, puppeteer.launch, playwright.chromium.launch, browser binding, session management, puppeteer.sessions, puppeteer.connect, browser.close, browser.disconnect, XPath not supported, browser timeout, concurrency limit, keep_alive, page.screenshot, page.pdf, page.goto, page.evaluate, incognito context, session reuse, batch scraping, crawling websites

Publishes hdwallet packages locally to verdaccio and updates them in the web repo. Use when you need to publish hdwallet locally, publish to verdaccio, run the verdaccio publish pipeline, or test hdwallet changes locally.

Use this skill whenever the user wants to set up, refactor, or maintain a GitHub Actions CI/CD pipeline for deploying Cloudflare Workers/Pages apps (e.g. Hono + TypeScript) with D1/R2, including tests, build, migrations, and multi-environment deploys.

CDI and Quarkus development standards for CUI projects, including CDI aspects, container configuration, testing, and native optimization

Comprehensive QA and testing skill for quality assurance, test automation, and testing strategies for ReactJS, NextJS, NodeJS applications. Includes test suite generation, coverage analysis, E2E testing setup, and quality metrics. Use when designing test strategies, writing test cases, implementing test automation, performing manual testing, or analyzing test coverage.