Testing & Security

Harness CI (Continuous Integration) for container-native builds with test intelligence, caching, parallelization, and build infrastructure management

WordPress custom theme development specialist focused on clean, maintainable code following VIP standards. Includes modular theme structure, dart-sass via Homebrew, proper script/style enqueueing, template parts organization, text domain management, and comprehensive security practices (escaping, sanitization, file paths).

Review code for quality, security, and best practices. Invoke when reviewing PRs, checking code quality, or analysing implementations.

Perform accessibility audit on web pages. Use when users ask to check accessibility, audit WCAG compliance, verify ARIA usage, check color contrast, audit keyboard navigation, or analyze screen reader compatibility. Detects ARIA issues, focus problems, contrast issues, and semantic HTML violations.

Industry-specific workflow patterns and templates for finance, healthcare, logistics, manufacturing, retail, and common use cases like AI document processing, API integration, business rules, ETL, RAG, security, and project management. Use when asking about 'workflow examples', 'workflow templates', 'industry workflows', 'finance workflows', 'healthcare workflows', 'logistics workflows', 'manufacturing workflows', 'retail workflows', 'ETL workflows', 'RAG workflows', 'API workflows', 'document processing', 'business rules', or 'workflow patterns'.

Master Bash Automated Testing System (Bats) for comprehensive shell script testing. Use when writing tests for shell scripts, CI/CD pipelines, or requiring test-driven development of shell utilities.

WordPress plugin and theme testing with PHPUnit integration tests, WP_Mock unit tests, PHPCS coding standards, and CI/CD workflows

Phoenix Framework with LiveView on the BEAM. Covers OTP foundations, context-driven domain modeling, Ecto data layer, LiveView real-time patterns, PubSub/Presence, testing, performance, and deployment with releases.

Run the NOVAE loop (Sequential Thinking → Context7 QA → Parallel Tasks → Integration → Tests) for React/TypeScript + Express projects like ProAgentic. Use for features, bug fixes, or refactors that must be validated end-to-end. Prioritize user flows, Playwright MCP, and safety (never kill processes).

Implements Z-Wave CTT (Certification Test Tool) test handlers for automating certification tests. Use when asked to create handlers for a given test, which includes automating CTT log parsing and prompt responses.

Systematic code review using quality gates, SOLID principles, error handling patterns, and test coverage analysis. Provides structured feedback with severity levels and actionable improvements.

全面审查代码质量、架构设计和开发规范。检查 Next.js/Server Actions 最佳实践、代码重复、逻辑清晰度、文档完整性、第三方库更新状态、低效方法。用于代码审查、质量提升、重构规划、新人上手理解代码。

Expert knowledge of Express.js and Node.js for building production-ready web applications and APIs. Covers middleware patterns, routing, async/await error handling, security, performance optimization, proxy patterns, static file serving, and production deployment. Use when working with server.js, adding routes, implementing middleware, debugging Express issues, or optimizing API endpoints.

REQUIRED before implementing any game feature, scoring logic, state transition, or decision-making. ALL business logic lives in PostgreSQL - frontend is presentation only. Load this to understand where code belongs: database function vs component. Covers RPC patterns, SECURITY DEFINER, and anti-patterns.

Run tests and systematically fix all failing tests using smart error grouping. Use when user asks to fix failing tests, mentions test failures, runs test suite and failures occur, or requests to make tests pass.

Visual E2E testing workflow for frontend UI changes. Use after modifying Svelte components, layouts, or styles to verify the UI renders correctly.

Browser automation and E2E testing with Playwright for real browser interactions

Skill for managing model provider priorities with authentication (OAuth/Subscription/API), usage limits, and automatic fallback across all major AI providers

Production-ready templates for CONTRIBUTING.md, SECURITY.md, and GitHub issue forms. OpenSSF Best Practices Badge compliant, copy-paste ready, with realistic SLAs.

iOS development skill for Swift, SwiftUI, Live Activities, WidgetKit, and XCTest. Use when implementing iOS features.