測試與安全

Analyze session management implementations to identify security vulnerabilities in web applications.Use when you need to audit session handling, check for session fixation risks, review session timeout configurations, or validate session ID generation security.Trigger with phrases like "check session security", "audit session management", "review session handling", or "session fixation vulnerability".

Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.

Generate mocks, stubs, spies, and fakes for dependency isolation.Use when creating mocks, stubs, or test isolation fixtures.Trigger with phrases like "generate mocks", "create test doubles", or "setup stubs".

Track and manage regression test suites across releases.Use when performing specialized testing.Trigger with phrases like "track regressions", "manage regression suite", or "validate against baseline".

Use when you need to work with compliance checking.This skill provides compliance monitoring and validation with comprehensive guidance and automation.Trigger with phrases like "check compliance", "validate policies",or "audit compliance".

Automatically generate comprehensive unit tests from source code covering happy paths, edge cases, and error conditions.Use when creating test coverage for functions, classes, or modules.Trigger with phrases like "generate unit tests", "create tests for", or "add test coverage".

Analyze HTTP security headers of web domains to identify vulnerabilities and misconfigurations.Use when you need to audit website security headers, assess header compliance, or get security recommendations for web applications.Trigger with phrases like "analyze security headers", "check HTTP headers", "audit website security headers", or "evaluate CSP and HSTS configuration".

Execute end-to-end tests covering full user workflows across frontend and backend.Use when performing specialized testing.Trigger with phrases like "run end-to-end tests", "test user flows", or "execute E2E suite".

Execute inspect and validate Vertex AI Agent Engine deployments including Code Execution Sandbox, Memory Bank, A2A protocol compliance, and security posture. Generates production readiness scores. Use when asked to "inspect agent engine" or "validate depl... Trigger with relevant phrases based on skill purpose.

Validate encryption implementations and cryptographic practices. Use when reviewing data security measures. Trigger with 'check encryption', 'validate crypto', or 'review security keys'.

Audit access control implementations for security vulnerabilities and misconfigurations. Use when reviewing authentication and authorization. Trigger with 'audit access control', 'check permissions', or 'validate authorization'.

Use when you need to work with security and compliance.This skill provides security scanning and vulnerability detection with comprehensive guidance and automation.Trigger with phrases like "scan for vulnerabilities", "implement security controls",or "audit security".

Create comprehensive API documentation with examples, authentication guides, and SDKs.Use when creating comprehensive API documentation.Trigger with phrases like "generate API docs", "create API documentation", or "document the API".

Scan APIs for security vulnerabilities including injection, broken auth, and data exposure.Use when scanning APIs for security vulnerabilities.Trigger with phrases like "scan API security", "check for vulnerabilities", or "audit API security".

Automates software development overnight using git hooks to enforce test-driven Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.

Create API gateways with routing, load balancing, rate limiting, and authentication.Use when routing and managing multiple API services.Trigger with phrases like "build API gateway", "create API router", or "setup API gateway".

Scan for exposed secrets, API keys, and credentials in code. Use when auditing for secret leaks. Trigger with 'scan for secrets', 'find exposed keys', or 'check credentials'.

Scan for input validation vulnerabilities and injection risks. Use when reviewing user input handling. Trigger with 'scan input validation', 'check injection vulnerabilities', or 'validate sanitization'.

Execute integration tests validating component interactions and system integration.Use when performing specialized testing.Trigger with phrases like "run integration tests", "test integration", or "validate component interactions".

Audit crypto wallet security including private key management and transaction signing.Use when auditing wallet security practices.Trigger with phrases like "audit wallet", "check security", or "verify signatures".