Testing & Security

Park Golf Platform 계약 테스트 가이드. Pact를 사용한 Consumer-Driven Contract Testing, OpenAPI 스펙 검증, NATS 메시지 스키마 검증 방법 안내. "계약테스트", "contract", "pact", "스키마 검증" 관련 질문 시 사용합니다.

This skill should be used when users want to train or fine-tune language models using TRL (Transformer Reinforcement Learning) on Hugging Face Jobs infrastructure. Covers SFT, DPO, GRPO and reward modeling training methods, plus GGUF conversion for local deployment. Includes guidance on the TRL Jobs package, UV scripts with PEP 723 format, dataset preparation and validation, hardware selection, cost estimation, Trackio monitoring, Hub authentication, and model persistence. Should be invoked for tasks involving cloud GPU training, GGUF conversion, or when users mention training on Hugging Face Jobs without local GPU setup.

Perform in-depth audits of Rust code, covering ownership, concurrency, unsafe blocks, traits, and Cargo dependencies.

Scala 3.6+ best practices with ScalaTest 3.2, sbt 1.10, functional programming patterns, and Play Framework.

Reviews UI components for WCAG compliance, ARIA attributes, keyboard navigation, and screen reader support. Use when building frontend components or user requests accessibility improvements.

OWASP Cheat Sheet Series に基づくセキュリティレビューと実装支援。コードレビュー依頼、セキュリティ関連の実装・調査、脆弱性チェック時に使用する。XSS, SQL Injection, CSRF, 認証認可などのセキュリティトピックを扱う。

Write secure, performant database queries using parameterized queries, proper eager loading, and transaction management. Use this skill when writing database queries, ORM operations, raw SQL statements, or repository methods. When working on files in repositories/, queries/, services/, or any code that interacts with the database. When optimizing query performance, preventing N+1 queries, implementing transactions, adding query timeouts, or caching expensive queries. When reviewing code for SQL injection vulnerabilities.

Guide users through creating and configuring a GitHub App for workspace authentication. Use when setting up GitHub App authentication for happy-little-claude-coders, creating github-app-credentials secret, or configuring automatic token refresh.

Defines project-wide code conventions for magic number elimination, constant usage, performance optimization, and type safety. Use when implementing, testing, or reviewing code to ensure consistency across the codebase.

REST API and GraphQL design with OpenAPI 3.1, authentication, versioning, and rate limiting.

Expert in searching and retrieving API information from L'Oréal's API Portal. **Use this skill whenever the user mentions 'API search', 'find API', 'API information', 'API spec', 'API schema', 'Swagger', 'OpenAPI', or asks about available APIs in the API portal.** Handles searching APIs by pattern, retrieving API metadata, and fetching OpenAPI specifications using Azure OAuth authentication.

Audits current project state for a given phase, detects completed, partial, or missing artifacts, fixes gaps via specs, and determines the correct next action.

Create and run validation script to test Play Store API connection

Explore and stress-test ideas before building. Use when user wants to brainstorm, think through an approach, explore options, discuss trade-offs, or says 'let's workshop this', 'think through', 'explore idea', or 'brainstorm'.

Download and transcribe videos from YouTube, Bilibili, TikTok and 1000+ platforms. Use when user requests video download, transcription (转录/字幕提取), or converting video to text/markdown. Supports quality selection, audio extraction, playlist downloads, cookie-based authentication, and AI-powered transcription via SiliconFlow API (免费转录).

Use this skill when working with TypeScript/JavaScript files (.ts, .tsx, .js, .jsx, .mts, .cts, .mjs, .cjs) in Deno projects, or when the user asks about Deno-specific patterns, imports, configuration, testing, or tooling.

Comprehensive testing and quality assurance specialist for ensuring code quality through testing strategies

Analyzes HTML/JSX/TSX files for SEO and accessibility issues including WCAG 2.1 AA compliance, color contrast (4.5:1), heading hierarchy, meta tags, image alt text, and ARIA attributes. Use when checking web pages for SEO, accessibility, WCAG compliance, or when user mentions "a11y", "contrast", "alt text", "meta tags", "heading structure", or "accessibility audit".

This skill should be used when conducting comprehensive code reviews and codebase audits. Invoke when the user requests to review code quality, security vulnerabilities, performance issues, or best practices across entire codebases, directories, or specific files. Typical requests include "Review the codebase in ./src", "Audit this project for security issues", or "Review all Python files for quality".

Web application testing toolkit using Playwright with Python. Use for verifying frontend functionality, debugging UI behavior, capturing browser screenshots, viewing browser logs, and automating web interactions.