測試與安全

security-auditor skill Trigger terms: security audit, vulnerability scan, OWASP, security analysis, penetration testing, security review, threat modeling, security best practices, CVE Use when: User requests involve security auditor tasks.

Copilot agent that assists with systematic design review using ATAM (Architecture Tradeoff Analysis Method), SOLID principles, design patterns, coupling/cohesion analysis, error handling, and security requirements Trigger terms: design review, architecture review, ATAM, SOLID principles, design patterns, coupling, cohesion, ADR review, C4 review, architecture analysis, design quality Use when: User requests involve design document review, architecture evaluation, or design quality assessment tasks.

Build modern mobile applications with React Native, Flutter, Swift/SwiftUI, and Kotlin/Jetpack Compose. Covers mobile-first design principles, performance optimization (battery, memory, network), offline-first architecture, platform-specific guidelines (iOS HIG, Material Design), testing strategies, security best practices, accessibility, app store deployment, and mobile development mindset. Use when building mobile apps, implementing mobile UX patterns, optimizing for mobile constraints, or making native vs cross-platform decisions.

Copilot agent that assists with comprehensive QA strategy and test planning to ensure product quality through systematic testing and quality metrics Trigger terms: QA, quality assurance, test strategy, QA plan, quality metrics, test planning, quality gates, acceptance testing, regression testing Use when: User requests involve quality assurance tasks.

Copilot agent that assists with comprehensive QA strategy and test planning to ensure product quality through systematic testing and quality metrics Trigger terms: QA, quality assurance, test strategy, QA plan, quality metrics, test planning, quality gates, acceptance testing, regression testing Use when: User requests involve quality assurance tasks.

Copilot agent that assists with comprehensive code review focusing on code quality, SOLID principles, security, performance, and best practices Trigger terms: code review, review code, code quality, best practices, SOLID principles, code smells, refactoring suggestions, code analysis, static analysis Use when: User requests involve code reviewer tasks.

test-engineer skill Trigger terms: testing, unit tests, integration tests, E2E tests, test cases, test coverage, test automation, test plan, test design, TDD, test-first Use when: User requests involve test engineer tasks.

Use when you need to plan technical solutions that are scalable, secure, and maintainable.

Validates complete requirements traceability across EARS requirements → design → tasks → code → tests. Trigger terms: traceability, requirements coverage, coverage matrix, traceability matrix, requirement mapping, test coverage, EARS coverage, requirements tracking, traceability audit, gap detection, orphaned requirements, untested code, coverage validation, traceability analysis. Enforces Constitutional Article V (Traceability Mandate) with comprehensive validation: - Requirement → Design mapping (100% coverage) - Design → Task mapping - Task → Code implementation mapping - Code → Test mapping (100% coverage) - Gap detection (orphaned requirements, untested code) - Coverage percentage reporting - Traceability matrix generation Use when: user needs traceability validation, coverage analysis, gap detection, or requirements tracking across the full development lifecycle.

Implement Clean Architecture principles in Python to create maintainable, testable, and framework-independent applications. Use when designing new Python applications, refactoring existing code, or implementing domain-driven designs.

Use when you need to research, analyze, and plan technical solutions that are scalable, secure, and maintainable.

Internal skill. Use cc10x-router for all development tasks.

Implement Clean Architecture principles in Go to create maintainable, testable, and framework-independent applications. Use when designing new Go applications or refactoring existing Go codebases.

test-engineer skill Trigger terms: testing, unit tests, integration tests, E2E tests, test cases, test coverage, test automation, test plan, test design, TDD, test-first Use when: User requests involve test engineer tasks.

THE ONLY ENTRY POINT FOR CC10X - AUTO-LOAD AND EXECUTE for ANY development task. Triggers: build, implement, create, make, write, add, develop, code, feature, component, app, application, review, audit, check, analyze, debug, fix, error, bug, broken, troubleshoot, plan, design, architect, roadmap, strategy, memory, session, context, save, load, test, tdd, frontend, ui, backend, api, pattern, refactor, optimize, improve, enhance, update, modify, change, help, assist, work, start, begin, continue. CRITICAL: Execute workflow. Never just describe capabilities.

Specialized skill for building ViewComponents with Hotwire (Turbo & Stimulus). Use when creating reusable UI components, implementing frontend interactions, building Turbo Frames/Streams, or writing Stimulus controllers. Includes component testing with Lookbook.

Use syrupy for pytest snapshot testing to ensure the immutability of computed results, manage snapshots, customize serialization, and handle complex data structures with built-in matchers and filters.

Audit security with vulnerability scanning, input validation checks, and auth/authz review against OWASP Top 10. Use when implementing authentication, reviewing security-sensitive code, or conducting security audits.

Specialized skill for Rails background jobs with Solid Queue. Use when creating jobs, scheduling tasks, implementing recurring jobs, testing jobs, or monitoring job queues. Includes best practices for reliable background processing.

Build and release manager for ARW CLI package. Handles local development, testing, building, documentation, version tagging, and publishing to npm and crates.io. Use when developing locally, running tests, building packages, releasing new versions, or publishing packages.