測試與安全

Expert LLC operations management for ID8Labs LLC (Florida single-member LLC). 9 specialized agents providing PhD-level expertise in compliance, tax strategy, asset protection, and business operations. Triggers on keywords like LLC, taxes, expenses, annual report, EIN, compliance, bookkeeping, deductions, filing, sunbiz, quarterly, S-Corp, retirement, audit, insurance, cash flow, mentor, teach, learn.

Deep code quality review with web research. Use when user explicitly requests verification against latest docs ('double check against latest', 'verify versions', 'check security'), needs deeper analysis beyond automatic hook, or is working on projects without SAFEWORD.md/CLAUDE.md. Fetches current documentation (WebFetch), checks latest versions (WebSearch), and provides deep analysis (performance, security, alternatives).

Cross-language testing patterns: unit, integration, E2E testing strategies.Use when: writing tests, setting up test infrastructure, or improving coverage.Triggers: "test", "testing", "unit test", "integration test", "e2e","coverage", "mock", "fixture".

Patterns for Aztec development: contracts, frontend, testing. Use when working with Aztec contracts in any capacity unless otherwise specified

Audit protected files, generate protection reports, and verify protection consistency. Use for protection system maintenance and compliance.

Debug GitHub Actions workflow failures, CI build issues, test failures in CI, and deployment problems. Use when workflows fail, artifacts aren't uploaded, or CI-specific errors occur.

Ultimate RabbitMQ expertise skill for production-grade message broker architecture, implementation, and operations. Top 0.01% knowledge covering: (1) Advanced messaging patterns - Dead Letter Exchanges, Delayed Messages, Priority Queues, Consistent Hash Exchange, Sharding, (2) High Availability - Clustering, Quorum Queues, Stream Queues, Federation, Shovel, (3) Performance Engineering - prefetch tuning, connection pooling, batch publishing, memory optimization, flow control, (4) Security - TLS/mTLS, OAuth2, LDAP, certificate rotation, (5) Monitoring - Prometheus metrics, custom health checks, anomaly detection, (6) Troubleshooting - memory alarms, network partitions, queue backlogs, consumer starvation, (7) Multi-tenancy - vhost design, resource limits, isolation patterns, (8) Event-driven architectures - CQRS, Event Sourcing, Saga patterns with RabbitMQ. Use when: building messaging systems, debugging RabbitMQ issues, optimizing performance, designing HA architectures, implementing advanced patterns, product

Summarize an arbitrary code repo (git or non-git) into a small, high-signal facts packet: languages, build/test tooling clues, notable paths, and size stats.

Transform technical requirements and business needs into well-structured, testable user stories following agile best practices and INVEST criteria. Generates comprehensive acceptance criteria, estimates complexity, and identifies dependencies for WCS migration tasks.

Aggregate Kyverno policies from security, DevOps, and application teams into unified enforcement. Build multi-stage containers using OCI repo dependencies.

Awareness of goldbox sandbox mode. Use when discussing security, running untrusted code, or when user asks about isolation.

Unit testing, integration testing, data validation, data quality frameworks

Securely retrieve secrets from 1Password using the 'op' CLI tool without displaying sensitive information. Use when working with API keys, tokens, passwords, SSH keys, database credentials, or any secrets stored in 1Password. All secret values are stored only in environment variables and NEVER displayed in output or context.

Prevent massive MCP responses from WordPress, Playwright, Notion, and other MCPs that can kill conversations on first call. Sophisticated token management for all MCP tool usage.

Expert assistant for Juju charm development using jhack utilities. Use when debugging charms, inspecting relations, syncing code, replaying events, testing scenarios, or performing rapid development iterations. Keywords include jhack, Juju debugging, charm testing, relation inspection, event replay, sync, tail, fire, show-relation, show-stored.

Use when finishing any task. Final checklist before marking complete. Ensures nothing forgotten, all tests pass, documentation updated.

Securely authenticate with GitHub using stored credentials for API operations and git commands

Threat modeling workflow for software systems: scope, data flow diagrams, STRIDE analysis, risk scoring, and turning mitigations into backlog and tests

Integrate external REST APIs with proper authentication, rate limiting, error handling, and caching patterns. Use when working with external APIs, building API clients, or fetching data from third-party services.

Deployment strategies, scripts, and best practices for Solidity smart contracts. Use when deploying contracts to testnets or mainnet.