測試與安全

Use when encountering a bug - complete workflow from discovery through debugging, bd issue, test-driven fix, verification, and closure

Audit code for security vulnerabilities (SQL injection, XSS, OWASP Top 10). Use when adding authentication logic, handling user input, or before production deployments.

Use when implementation complete and tests pass - closes bd epic, presents integration options (merge/PR/keep/discard), executes choice

Guides the creation of self-signed SSL/TLS certificates using OpenSSL, including key generation, certificate creation, combined PEM files, and verification scripts. This skill should be used when tasks involve generating self-signed certificates, creating SSL certificate infrastructure, or writing certificate verification scripts.

This skill implements test-driven development workflow using the red-green-refactor cycle. Use when building new features or fixing bugs that require test coverage. Framework-agnostic methodology that works with any testing framework and programming language. Triggers on requests to implement features using TDD, write tests first, or follow test-driven development practices.

360-degree business audit to 5-10X growth trajectory. Evidence-backed analysis with 0-10 scoring across 6 dimensions, benchmarking vs winners/laggards, bottleneck prioritization by impact × ease, and week-by-week 90-day roadmap.

Guidance for processing, classifying, and extracting data from financial documents (invoices, receipts, statements). This skill should be used when tasks involve OCR extraction, document classification, data validation from financial PDFs/images, or batch processing of financial documents. Covers safe file operations, incremental testing, and data extraction verification.

SEO audit and optimization skill for Meryll Dindin's personal portfolio website. Activates when discussing meta tags, Schema.org, structured data, personal branding SEO, search optimization, or content improvements.

Build edge-first TypeScript applications on Cloudflare Workers. Covers Workers API, Hono framework, KV/D1/R2 storage, Durable Objects, Queues, and testing patterns. Use when creating serverless workers, edge functions, or Cloudflare-deployed services.

Dependencies and reuse audit worker (L3). Checks outdated packages, unused dependencies, reinvented wheels, custom implementations of standard library features. Returns findings with severity, location, effort, recommendations.

This skill provides guidance for tasks involving merging git branches that contain different implementations of ARC-AGI pattern recognition algorithms, and then implementing a working solution that generalizes across examples. Use this skill when the task involves (1) merging git branches with conflicting code, (2) analyzing ARC-AGI style input/output grid transformations, or (3) implementing pattern recognition algorithms that must generalize to unseen test cases.

When creating tests and using tests for testing of application operation

Executes Story Finalizer test tasks (label "tests") from Todo -> To Review. Enforces risk-based limits and priority.

Guidance for bypassing HTML/JavaScript sanitization filters in security testing contexts. This skill should be used when tasked with finding XSS filter bypasses, testing HTML sanitizers, or exploiting parser differentials between server-side filters and browsers. Applies to CTF challenges, authorized penetration testing, and security research involving HTML injection and JavaScript execution through sanitization bypasses.

Write Ruby on Rails specs with RSpec following best practices for unit tests, request specs, feature specs, and job specs. Use when writing or modifying RSpec test files for Rails applications.

Use proactively when encountering Rails errors, test failures, build issues, or unexpected behavior. Analyzes errors, reproduces issues, and identifies root causes.

Style guide templates for content creation. Used by /majestic:style-guide:new command.

Monitor and refactor large files into smaller, AI-friendly modules. Use when user asks to check file sizes, split large files, or organize the codebase. Ensures tests pass before and after refactoring.

Test implementation of thin router skill for DiPeO backend. Provides decision criteria and documentation anchors for FastAPI server, CLI (dipeo run/results/metrics/compile/export), SQLite schema, and MCP integration in apps/server/. Use when task mentions CLI commands, server endpoints, database queries, or MCP tools.

Use when creating new skills, editing existing skills, or verifying skills work - applies TDD to documentation by testing with subagents before writing