Testing & Security

Build real-time voice and video applications with Google's Gemini Live API. Use when implementing bidirectional audio/video streaming, voice assistants, conversational AI with interruption handling, or any application requiring low-latency multimodal interaction with Gemini models. Covers WebSocket streaming, voice activity detection (VAD), function calling during conversations, session management/resumption, and ephemeral tokens for secure client-side connections.

Comprehensive frontend testing patterns including component tests (Jest/Vitest + RTL), visual regression (Playwright), accessibility (axe-core), and performance (Lighthouse) testing for React/Next.js applications. Use when building frontend tests, testing React components, implementing visual regression, running accessibility tests, performance testing, or when user mentions component testing, visual regression, a11y testing, React Testing Library, Jest, Vitest, Lighthouse, or frontend testing.

Use dev-browser for browser automation on NixOS. Invoke when user asks to test UI, automate browser interactions, take screenshots, or verify web app behavior.

Comprehensive RSpec testing for Ruby and Rails applications. Covers model specs, request specs, system specs, factories, mocks, and TDD workflow. Automatically triggers on RSpec-related keywords and testing scenarios.

Systematically verify claims in code comments, documentation, commit messages, and naming conventions. Extracts assertions, validates with evidence (code analysis, web search, documentation, execution), generates report with bibliography. Use when: reviewing code changes, auditing documentation accuracy, validating technical claims before merge, or user says "verify claims", "factcheck", "audit documentation", "validate comments", "are these claims accurate".

Use when writing tests or implementing code. Defines RED-GREEN-REFACTOR cycle and test execution workflow.

Create responsive, mobile-first user interfaces that adapt seamlessly across all device sizes using modern CSS techniques and responsive design patterns. Use this skill when implementing layouts, breakpoints, fluid typography, responsive images, or any UI that needs to work across mobile, tablet, and desktop viewports. Apply this skill when using CSS media queries, container queries, responsive utility classes (Tailwind's sm:, md:, lg:), flexible grid/flexbox layouts, relative units (rem, em, vw, vh), or when optimizing touch interactions for mobile devices. This skill ensures mobile-first development approach, consistent breakpoint usage, proper viewport configuration, touch-friendly target sizes (44x44px minimum), readable typography across all screen sizes, and optimized performance on mobile networks with responsive images and lazy loading.

Use when testing frontend applications. AI-assisted browser testing with Playwright MCP. Fast, deterministic, no vision models needed.

Generates Drizzle ORM schema files for users, sessions, tokens, OAuth accounts, and audit logs. Syncs schema to Neon Postgres.

Expert CRO advisor that analyzes landing pages, product funnels, UI/UX friction, and provides data-driven A/B test ideas to maximize conversions, sign-ups, trials, and retention. Use when optimizing conversion rates, analyzing funnels, designing experiments, improving CTAs, reducing drop-offs, or when user mentions conversion rate, CRO, landing page optimization, A/B testing, or funnel analysis.

Provides exhaustive security vulnerability checklists with severity classifications, point deductions, and detection commands. Use when performing security audits, code reviews, penetration testing preparation, or checking OWASP compliance.

Principles for writing effective, maintainable tests. Covers naming conventions, assertion best practices, and comprehensive edge case checklists. Based on BugMagnet by Gojko Adzic.

Progressive audit and cleanup of GitHub accounts - stale forks, orphaned secrets, failing workflows, security configs. Audit-first with user approval before destructive actions. Triggers on 'clean up GitHub', 'audit my repos', 'GitHub hygiene', 'stale forks', 'orphaned secrets'. Requires gh CLI. (user)

Query and manage local Convex documentation mirror (42 docs). Search Convex topics for real-time database, serverless functions, authentication, file storage, and React hooks. Use when implementing Convex backend features or answering Convex-related questions. (user)

Comprehensive Vitest testing framework guide with strong emphasis on Jest-to-Vitest migration. Covers automated migration using codemods, configuration setup, API differences, best practices, and troubleshooting. Use when migrating from Jest, setting up Vitest, writing tests, configuring test environments, or resolving migration issues. Primary focus is seamless Jest migration with minimal code changes.

Testing strategy, test pyramid (70% unit/25% integration/5% E2E), PGlite patterns, Playwright best practices. Use when writing tests, debugging test failures, or when user mentions testing/test/spec/E2E.

Test Temporal workflows with pytest, time-skipping, and mocking strategies. Covers unit testing, integration testing, replay testing, and local development setup. Use when implementing Temporal workflow tests or debugging test failures.

Workflows for the Loopwish Apple client (Swift/SwiftUI + Swift Package Manager): run swift test, run SwiftLint strict, and organize changes by module.

Design and implement Model Context Protocol servers for standardized AI-to-data integration with resources, tools, prompts, and security best practices

Test web applications using Chrome DevTools. Use for visual regression testing, performance analysis, accessibility checks, console error detection, and automated UI testing. Works with live URLs or local development servers.