Testing & Security

Use when creating new skills, editing existing skills, or verifying skills work before deployment - applies TDD to process documentation by testing with subagents before writing, iterating until bulletproof against rationalization

Write secure and optimized database queries using parameterized queries, preventing SQL injection, avoiding N+1 queries through eager loading, selecting only needed columns, and using transactions for related operations. Use this skill when writing database queries using ORM query methods, raw SQL, or query builders in repository files, data access layer files, service files, or any backend code that fetches or manipulates database data. Use this when writing ORM queries with methods like findAll, findOne, findMany, where, include, select, joins, or populate to retrieve data from databases, writing raw SQL queries safely using parameterized inputs or prepared statements (never string interpolation or concatenation) to prevent SQL injection attacks, optimizing queries to prevent N+1 problems by using eager loading with include/populate or SQL joins to fetch related data in a single query instead of multiple sequential queries that degrade performance, implementing database transactions to wrap related operatio

Understand and adhere to the project's technology stack including Laravel, PHP, React, PostgreSQL, Pest, Tailwind CSS, and all configured tools and services. Use this skill when making architectural decisions, when choosing libraries or packages, when configuring development tools, when setting up testing frameworks, when implementing authentication, when integrating third-party services, when configuring CI/CD pipelines, when setting up local development environments, or when ensuring consistency with the established tech stack across all parts of the application.

Comprehensive code review workflow coordinating quality, security, performance, and documentation reviewers. 4-hour timeline for thorough multi-agent review.

Implementation Agent: Full TDD workflow in a single context window. Writes tests, implements code, and iterates until all tests pass.

Install and configure the Odin programming language. Use when:- Setting up Odin on a new machine- Updating Odin to latest version- Configuring Odin language server (ols)

Integrate with Azure DevOps for work item management, pipeline monitoring, and repository operations.Use when asked about: ado, azure devops, work item, create task, create bug, query work items,pipeline, set up ado, my work items, sprint items, what did I complete.Requires: Azure CLI with devops extension, authentication via az login.

Complete D365 Finance & Operations debugging framework. Routes symptoms to correct playbook (Finance, SCM, WMS, Batch, Security, Integration, Performance, Reporting). Activates for D365, Dynamics, AX, voucher, posting, batch job, SSRS, DMF, work order, wave, security, can't post, missing, wrong amount, slow, stuck.

Comprehensive evaluation creation for MCP servers - question generation, answer verification, and XML formatting for agent usability testing

OAuth 2.1 compliance checklist for authorization servers. Use when implementing OAuth 2.1 beyond OpenID Connect Basic OP requirements, verifying OAuth 2.1 specific features, or understanding differences from OAuth 2.0. Covers all OAuth 2.1 draft-ietf-oauth-v2-1-14 requirements not in Basic OP.

Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.

Restart the Android app on connected device without rebuilding. Force-stops and relaunches the app remotely. Use when testing changes that don't require rebuild, or refreshing app state.

Validates Implementation Phase completion before advancing to Testing Phase. Checks code compilation, test coverage, implementation completeness, and code quality standards.

Delegate asynchronous coding tasks to Jules (Google's AI coding agent) to maximize efficiency. Use for code reviews, refactoring, adding tests, bug fixes, and documentation. Proactively suggest Jules delegation when appropriate. Invoke when user asks to interact with Jules, create sessions, check task status, or when tasks are suitable for async delegation.

Use AST-aware edits to reduce syntax errors and maintain structure.

Automated documentation auditing - ensures CLAUDE.md coverage, updates stale docs, recommends structural improvements

Kubernetes deployment patterns with Helm charts. Covers deployments, services, ConfigMaps, Secrets, Dapr sidecar injection, health probes, and resource management.

Senior-level React and Tailwind CSS development expert with 10+ years experience. Automatically audits, generates, and optimizes React applications with focus on hooks, Context API, performance, security, and modern Tailwind styling. Use for React component generation using TypeScript, hook optimization, security audits, responsive design implementation, animation, Context API patterns, performance optimization, and project structure analysis. Ensures clean code, prevents backend data exposure, and follows senior-level best practices.

Transform a Vibes app into a multi-tenant SaaS with subdomain-based tenancy. Adds Clerk authentication, subscription gating, and generates a unified app with landing page, tenant routing, and admin dashboard.

Park Golf Platform 계약 테스트 가이드. Pact를 사용한 Consumer-Driven Contract Testing, OpenAPI 스펙 검증, NATS 메시지 스키마 검증 방법 안내. "계약테스트", "contract", "pact", "스키마 검증" 관련 질문 시 사용합니다.