Testing & Security

Scans containers and Dockerfiles for security issues. Wraps Hadolint for Dockerfile linting and Trivy for container image scanning. Use when user asks to "scan Dockerfile", "lint Dockerfile", "container security", "image scan", "Dockerセキュリティ", "コンテナスキャン".

Automatic QA test lifecycle management, naming conventions, and directory structure. Use when creating, organizing, or tracking QA tests to ensure proper naming, directory structure, and status transitions.

Guide users through a structured workflow for co-authoring documentation. Use when user wants to write documentation, proposals, technical specs, decision docs, or similar structured content. This workflow helps users efficiently transfer context, refine content through iteration, and verify the doc works for readers. Trigger when user mentions writing docs, creating proposals, drafting specs, or similar documentation tasks.

Next.js API route development patterns for the digital marketplace including authentication, error handling, validation, and RESTful conventions. Use when creating new API endpoints or modifying existing routes.

Never test mock behavior. Never add test-only methods to production classes. Understand dependencies before mocking.

Verifies code and configurations comply with security standards and regulations

Improves code quality after tests pass

Kindle Web Reader/Kindle macOSアプリからスクリーンショットをキャプチャしてPDF生成。書籍名やASIN指定でKindle本を自動PDF化。Kindleライブラリ検索、Playwrightでページ自動取得、PNG画像からPDF変換、レイアウト設定（single/double）、範囲指定、品質調整、リサイズに対応。タイトル取得に失敗した場合は表紙キャプチャをAIで視認して命名する。

Expert deployment automation for cloud platforms. Handles CI/CD pipelines, container orchestration, infrastructure setup, and production deployments with battle-tested configurations. Specializes in GitHub Actions, Docker, HuggingFace Spaces, and GitHub Pages.

Sanitizing and validating user input to prevent XSS, injection attacks, and security vulnerabilities in TypeScript applications

Utility scripts directory configuration (/scripts) for MetaSaver monorepos including setup automation, environment management, and cross-platform support. Includes 4 critical standards (setup scripts, cross-platform support, error handling, documentation). Use when creating or auditing /scripts directory with Node.js and shell utility scripts.

Fast, repeatable UI verification using Puppeteer without paying browser startup per test. Use scenario suites + deterministic fixtures before jumping to full Jest E2E.

Use when implementing any feature or bugfix, before writing implementation code - write the test first, watch it fail, write minimal code to pass; ensures tests actually verify behavior by requiring failure first

Capture screenshots and run E2E tests with Playwright. Use for frontend debugging, visual inspection, or user flow validation. (project)

파싱된 리서치 데이터를 기반으로 TypeScript 테스트 데이터 파일 생성. 새 테스트 추가, subjects/*.ts 파일 생성 시 사용.

Implement full Better Auth registration/login with JWT tokens and protect routes when authentication is mentioned

Use this skill to query your Google NotebookLM notebooks directly from Claude Code for source-grounded, citation-backed answers from Gemini. Browser automation, library management, persistent auth. Drastically reduced hallucinations through document-only responses. This is a test.

Defines the standard 8-category taxonomy for classifying project files: Config, Tests, Docs, Scripts, Source Code, Data, AI Tooling, and Other. REFERENCE THIS SKILL whenever categorizing files, auditing project structure, or answering 'what types of files are here.' Apply these categories and patterns whether using the bundled script or manual analysis.

Instrument services with Prometheus metrics and write PromQL queries. Guides HuleEdu naming conventions, metrics middleware setup, and business vs operational metrics. Integrates with Context7 for latest Prometheus documentation.

This skill should be used when the user asks to "implement with TDD", "write tests first", "do test-driven development", or as Phase 3 of the /dev workflow. Enforces RED-GREEN-REFACTOR cycle with mandatory test-first approach.