測試與安全

Implement proper error handling patterns for n8n nodes using NodeApiError and NodeOperationError classes. Use this skill when writing try-catch blocks in execute methods, handling HTTP errors, validating parameters, parsing API error responses, implementing continueOnFail logic, writing actionable error messages, or handling errors in trigger nodes. Apply when working with external API calls, authentication errors, rate limiting, or any error scenarios in n8n node development.

Comprehensive Python AI/ML development expert with 10+ years experience using UV package manager. Covers PyTorch, TensorFlow, scikit-learn, transformers, langchain, pandas, numpy, OpenCV, and all major AI/ML libraries. Automatically audits projects, generates production-ready code with type hints, optimizes performance, sets up RAG pipelines, manages dependencies with UV, and ensures best practices. Use for AI/ML project setup, model training, data processing, LLM applications, computer vision, code generation, dependency management, performance optimization, and comprehensive project auditing. Excludes Tkinter and desktop UI libraries.

Next.js/TypeScriptプロジェクト向けセキュリティ診断スキル。OWASP準拠。以下の場合に使用:(1) PRレビュー時のセキュリティチェック(2) API Routes のセキュリティ検証(3) 認証・認可ロジックの確認(4) 依存パッケージの脆弱性確認(5) 環境変数・シークレット管理の確認

Implements session-based authentication with Lucia Auth library for server-side session management and cookie handling. Use when building custom authentication, session management, or when user mentions Lucia, server-side auth, or session cookies.

Guide for writing integration tests with Vitest and Testing Library. Use when testing multi-component workflows, database interactions, React components with context providers, or full user flows. Covers the Testing Trophy philosophy (integration > unit), factory patterns for test data, MSW for network mocking, async testing patterns (waitFor, findBy), and custom render with providers. Use this for tests that cross multiple modules or layers of the application.

PROACTIVELY enforce Test-Driven Development when implementing features or fixing bugs. Ensures tests are written BEFORE code. Use for new methods, services, repositories, or bug fixes. Guides RED-GREEN-REFACTOR cycle.

Automates updating anthropic_sdk_dart when Anthropic OpenAPI spec changes. Fetches latest spec, compares against current, generates changelogs and prioritized implementation plans. Use for: (1) Checking for API updates, (2) Generating implementation plans for spec changes, (3) Creating new models/endpoints from spec, (4) Syncing local spec with upstream. Triggers: "update api", "sync openapi", "new endpoints", "api changes", "check for updates", "update spec", "api version", "fetch spec", "compare spec", "what changed in the api", "implementation plan".

Review, analyze, and inspect code for Photo Map MVP project following Spring Boot, Angular 18, and shared project conventions. Check security, performance, naming, testing, and MVP scope compliance. Use when reviewing pull requests, conducting code audits, analyzing code quality, inspecting Java or TypeScript files, or ensuring quality before commits. File types: .java, .ts, .html, .xml, .properties, .css, .scss

OPA Gatekeeper policy templates overview. 20 production-ready constraint templates for pod security, image validation, RBAC, and resource governance.

Complete Behavior-Driven Development workflow coordinating SCENARIO → STEP DEFINITIONS → IMPLEMENT → REFACTOR cycle with Given/When/Then scenarios. Use when writing BDD tests or implementing features from user stories.

Use when implementing an APPROVED OpenSpec change. Read tasks.md and follow EXACTLY. Do not deviate, add features, or skip tasks. Use with test-tdd for each code task.

Test at extremes (1000x bigger/smaller, instant/year-long) to expose fundamental truths hidden at normal scales

Security audit skill for React Native applications. Use when reviewing code for vulnerabilities, detecting leaked secrets (API keys, tokens, credentials), identifying exposed personal data (PII), checking insecure storage, validating authentication flows, reviewing network security, and ensuring compliance with mobile security best practices (OWASP MASVS). Covers both JavaScript/TypeScript and native iOS/Android code.

This skill provides comprehensive automation for GitHub repository setup and configuration.It should be used when creating new projects, setting up CI/CD pipelines, configuring issuetemplates, enabling security scanning, or migrating existing projects to GitHub automation.The skill prevents 18 documented errors in GitHub Actions YAML syntax, workflow configuration,issue template structure, Dependabot setup, and CodeQL security scanning. It includes 12production-tested workflow templates, 4 issue templates, security configurations, and automationscripts for rapid project setup.Use when: setting up GitHub Actions CI/CD, creating issue/PR templates, enabling Dependabot,configuring CodeQL scanning, automating GitHub repository setup, fixing YAML syntax errors,integrating security scanning, deploying to Cloudflare Workers via GitHub Actions, orimplementing multi-framework testing matrices.Keywords: github actions, github workflow, ci/cd, issue templates, pull request templates,dependabot, codeql, se

Build accessible user interfaces following WCAG guidelines with semantic HTML, keyboard navigation, and screen reader support. When creating or modifying UI components, pages, forms, or interactive elements. When working on files that render HTML, JSX, or template markup. When implementing keyboard navigation, focus management, or ARIA attributes. When adding form inputs, buttons, links, modals, or any interactive UI elements. When ensuring color contrast, alternative text for images, or proper heading structure. When building or testing components for screen reader compatibility.

Comprehensive development guides for advanced Kailash SDK features including custom node development, MCP development, async patterns, testing strategies, production deployment, RAG systems, security patterns, monitoring, and SDK internals. Use when asking about 'development guide', 'advanced features', 'custom node development', 'async node development', 'MCP development', 'production deployment', 'testing strategies', 'RAG implementation', 'security patterns', 'monitoring setup', 'circuit breaker', 'compliance', 'edge computing', or 'SDK internals'.

Generates three project-specific behavioral mode skills (planner, debugger, qa-tester) from project memories and bundled templates, and makes them selectable via switching-modes. Use when creating project-local agent modes for a repository.

Master REST and GraphQL API design, authentication, security, error handling, documentation, and deployment. Learn HTTP semantics, resource modeling, rate limiting, versioning strategies, and build production-grade APIs serving millions of requests.

Expert Go/Golang development including writing code, APIs, handlers, middleware, testing with go test, dependency management with go mod, and applying best practices from Context7. Use when user asks to write, modify, or debug Go code, mentions Golang, Go modules, go test, go build, REST APIs in Go, or working with .go files.

Node.js/Express/TypeScript microservices development patterns. Use when workingwith backend code: routes, controllers, services, repositories, middleware, APIs.Covers:- Layered architecture (routes → controllers → services → repositories)- Express routing and middleware patterns- Prisma database access and ORM best practices- Zod validation and input sanitization- Sentry error tracking integration- BaseController pattern and dependency injection- Async/await patterns and error handling- Testing strategies and performance monitoring