Testing &amp; Security

validating-pre-commit

Runs quality gate checks before commit or push. Executes lint fixes, TypeScript compilation, tests, and CI validation. Reproduces CI failures locally. Triggers on: pre-commit, pre-push, quality check, CI check, lint check, type check, validate changes, check:fix, pnpm test.

saleor/configurator

tdd

Guide Test-Driven Development using Kent Beck's Red-Green-Refactor cycle. Use when writing tests, implementing features via TDD, or following plan.md test instructions.

atusy/dotfiles

analyzing-test-coverage

Creates and analyzes tests using Vitest and MSW patterns. Generates test builders, mocks repositories, and configures integration tests. Triggers on: write tests, test coverage, Vitest, MSW mock, vi.fn, vi.mock, unit test, integration test, test builder, mock setup, test failure.

saleor/configurator

reviewing-typescript-code

TypeScript code quality patterns for writing and reviewing code. Covers type safety, clean code, functional patterns, Zod usage, and error handling. Triggers on: add entity, create service, add repository, create comparator, add formatter, deployment stage, GraphQL query, GraphQL mutation, bootstrap method, diff support, command handler, Zod schema, error class, implement feature, add function, refactor code, clean code, functional patterns, map filter reduce, satisfies operator, type guard, code review, PR review, check implementation, audit code, fix types.

saleor/configurator

coverage

Run test coverage analysis, identify missed and partial lines, and write tests to improve coverage. Use this when the user asks to check coverage, improve coverage, or write tests for uncovered code. This skill detects both completely missed lines and partially covered lines (executed but missing branch coverage) to match Codecov analysis.

talmolab/sleap-io

k8s-architecture

Design and implement production-grade Kubernetes clusters with best practices for reliability, security, and scalability. Use when planning cluster architecture, designing K8s network models, or implementing multi-cluster strategies.

craftaholic/dotfiles

code-review-patterns

Marketplace

Internal skill. Use cc10x-router for all development tasks.

romiluz13/cc10x

repomix

Package entire code repositories into single AI-friendly files using Repomix. Capabilities include pack codebases with customizable include/exclude patterns, generate multiple output formats (XML, Markdown, plain text), preserve file structure and context, optimize for AI consumption with token counting, filter by file types and directories, add custom headers and summaries. Use when packaging codebases for AI analysis, creating repository snapshots for LLM context, analyzing third-party libraries, preparing for security audits, generating documentation context, or evaluating unfamiliar codebases.

test-engineer

test-engineer skill Trigger terms: testing, unit tests, integration tests, E2E tests, test cases, test coverage, test automation, test plan, test design, TDD, test-first Use when: User requests involve test engineer tasks.

planning

Use when you need to plan technical solutions that are scalable, secure, and maintainable.

traceability-auditor

Validates complete requirements traceability across EARS requirements → design → tasks → code → tests. Trigger terms: traceability, requirements coverage, coverage matrix, traceability matrix, requirement mapping, test coverage, EARS coverage, requirements tracking, traceability audit, gap detection, orphaned requirements, untested code, coverage validation, traceability analysis. Enforces Constitutional Article V (Traceability Mandate) with comprehensive validation: - Requirement → Design mapping (100% coverage) - Design → Task mapping - Task → Code implementation mapping - Code → Test mapping (100% coverage) - Gap detection (orphaned requirements, untested code) - Coverage percentage reporting - Traceability matrix generation Use when: user needs traceability validation, coverage analysis, gap detection, or requirements tracking across the full development lifecycle.

clean-architecture-python

Implement Clean Architecture principles in Python to create maintainable, testable, and framework-independent applications. Use when designing new Python applications, refactoring existing code, or implementing domain-driven designs.

craftaholic/dotfiles

constitution-enforcer

Validates compliance with 9 Constitutional Articles and Phase -1 Gates before implementation. Trigger terms: constitution, governance, compliance, validation, constitutional compliance, Phase -1 Gates, simplicity gate, anti-abstraction gate, test-first, library-first, EARS compliance, governance validation, constitutional audit, compliance check, gate validation. Enforces all 9 Constitutional Articles with automated validation: - Article I: Library-First Principle - Article II: CLI Interface Mandate - Article III: Test-First Imperative - Article IV: EARS Requirements Format - Article V: Traceability Mandate - Article VI: Project Memory - Article VII: Simplicity Gate - Article VIII: Anti-Abstraction Gate - Article IX: Integration-First Testing Runs Phase -1 Gates before any implementation begins. Use when: validating project governance, checking constitutional compliance, or enforcing quality gates before implementation.

code-reviewer

Copilot agent that assists with comprehensive code review focusing on code quality, SOLID principles, security, performance, and best practices Trigger terms: code review, review code, code quality, best practices, SOLID principles, code smells, refactoring suggestions, code analysis, static analysis Use when: User requests involve code reviewer tasks.

Debugging

Systematic debugging framework ensuring root cause investigation before fixes. Includes four-phase debugging process, backward call stack tracing, multi-layer validation, and verification protocols. Use when encountering bugs, test failures, unexpected behavior, performance issues, or before claiming work complete. Prevents random fixes, masks over symptoms, and false completion claims.

security-auditor

security-auditor skill Trigger terms: security audit, vulnerability scan, OWASP, security analysis, penetration testing, security review, threat modeling, security best practices, CVE Use when: User requests involve security auditor tasks.

mobile-development

Build modern mobile applications with React Native, Flutter, Swift/SwiftUI, and Kotlin/Jetpack Compose. Covers mobile-first design principles, performance optimization (battery, memory, network), offline-first architecture, platform-specific guidelines (iOS HIG, Material Design), testing strategies, security best practices, accessibility, app store deployment, and mobile development mindset. Use when building mobile apps, implementing mobile UX patterns, optimizing for mobile constraints, or making native vs cross-platform decisions.

quality-assurance

Copilot agent that assists with comprehensive QA strategy and test planning to ensure product quality through systematic testing and quality metrics Trigger terms: QA, quality assurance, test strategy, QA plan, quality metrics, test planning, quality gates, acceptance testing, regression testing Use when: User requests involve quality assurance tasks.

quality-assurance