測試與安全

Deploys applications to cloud Kubernetes (AKS/GKE/DOKS) with CI/CD pipelines.Use when deploying to production, setting up GitHub Actions, troubleshooting deployments.Covers build-time vs runtime vars, architecture matching, and battle-tested debugging.

Use when adding features or fixing bugs. Follow RED/GREEN/REFACTOR cycle. Write failing test first, implement minimal code to pass, then refactor.

Run unit tests using CTest. Use when user asks to run tests, test the code, check test results, or mentions test failures.

Framework for writing and reviewing tests. Use when creating new tests, reviewing test quality, or debugging flaky tests.

Use when tests have race conditions, timing dependencies, or inconsistent pass/fail behavior - replaces arbitrary timeouts with condition polling to wait for actual state changes, eliminating flaky tests from timing guesses

Generate detailed control implementation guidance, technical steps, and implementation plans for OSCAL security controls. Use this skill to create implementation narratives, technical procedures, and deployment plans.

Expert on Plaid Auth product for bank account authentication and verification. Covers account and routing number retrieval, account ownership verification, balance checks, and integration patterns. Invoke when user mentions Plaid Auth, ACH verification, bank account verification, or routing numbers.

Build amplifier-foundation modules using "bricks and studs" architecture. Covers tool, hook, provider, context, and orchestrator modules with testing, publishing, and best practices.

开源许可证审计助手，扫描项目依赖的开源许可证，识别许可证冲突、合规风险，提供替代方案，与dependency-updater协同确保开源合规。

Security and privacy engineering

Comprehensive Python testing guidance with orchestration access to specialized testing skills for unit testing, integration testing, mocking, and advanced patterns.

Expert on your minimal zsh setup, dotfiles, and shell configurations. Use when asked about aliases, functions, shell scripts, zsh configuration, or dotfiles. ADHD-friendly explanations. Can fetch latest documentation using Context7 MCP.

Configure Traefik labels for routing, SSL/TLS with LetsEncrypt, and advanced routing patterns including Cloudflare DNS challenge. Use when adding web access to Dokploy services.

Run gdUnit4 tests for Godot projects. Use after implementing features, fixing bugs, or modifying GDScript files to verify correctness.

Unified login wizard combining Claude API authentication with CIPS identity setup. Use when /login invoked, first-run detected, or identity reset requested. Follows @asking-users PARAMOUNT patterns.

Notice and address deprecation warnings immediately in test output, CI/CD logs, and development - read the warning, check migration guides, update code to use recommended APIs, don't suppress warnings. Use when seeing deprecation warnings, DeprecationWarning messages, or deprecated API notices.

Build modern mobile applications with React Native, Flutter, Swift/SwiftUI, and Kotlin/Jetpack Compose. Covers mobile-first design principles, performance optimization (battery, memory, network), offline-first architecture, platform-specific guidelines (iOS HIG, Material Design), testing strategies, security best practices, accessibility, app store deployment, and mobile development mindset. Use when building mobile apps, implementing mobile UX patterns, optimizing for mobile constraints, or making native vs cross-platform decisions.

End-to-end testing scenarios for Supabase - complete workflow tests from project creation to AI features, validation scripts, and comprehensive test suites. Use when testing Supabase integrations, validating AI workflows, running E2E tests, verifying production readiness, or when user mentions Supabase testing, E2E tests, integration testing, pgvector testing, auth testing, or test automation.

Test mocking strategies with Vitest. Use when mocking dependencies in tests.

Review implementation for security vulnerabilities and best practices. Checks input validation, injection prevention, auth/authz, secrets handling. Use after implementation before merge.