Testing & Security

Auditar a configuração do Resource Server JWT/OIDC, integrando secrets do Azure Key Vault/Swarm e garantindo policies CORS/claims seguras.

Use when tests have race conditions, timing dependencies, or inconsistent pass/fail behavior - replaces arbitrary timeouts with condition polling to wait for actual state changes, eliminating flaky tests from timing guesses

Guide for configuring GitHub repository rules, branch protection, rulesets, CODEOWNERS, and security policies. Use when users need to set up branch protection rules, configure required reviews, enforce status checks, manage merge strategies, or implement repository security policies.

Expert TypeScript/JavaScript development guidance. Use when planning or writing TypeScript/JavaScript code, setting up TS/JS projects, configuring build tools (pnpm, Vite, TypeScript), implementing tests (Vitest), adding logging (pino for services, chalk/console for CLIs), working with React/Tailwind/Xstate, or following FP patterns. Covers stack decisions, tooling setup, testing strategies, and logging patterns for both services and CLI tools.

Reads Vintage Story logs after manual testing by the user.

Build, run, test, and debug Apple platform apps (iOS, macOS) headlessly using xcede CLI. Use when working with Xcode projects or Swift packages outside of Xcode IDE. Covers building for devices/simulators/Mac, running apps, executing tests (XCTest/Swift Testing), debugging with lldb, and configuring projects via .xcrc files.

Inventory available datasets, instrumentation gaps, and data quality considerations for the initiative.

GitHub Actions workflow automation for intelligent CI/CD pipelines with adaptive optimization. Use for workflow creation, pipeline optimization, security scanning, failure analysis, and automated deployment strategies.

Web infrastructure for Hostinger VPS - Nginx reverse proxy, SSL/Let's Encrypt, configuration audit, and application deployment (INCLUZ'HACT). Use for site configuration, SSL setup, 502/504 errors, or deployments.

Integrate external REST and GraphQL APIs with proper authentication (Bearer, Basic, OAuth), error handling, retry logic, and JSON schema validation. Use when making API calls, database queries, or integrating external services like Stripe, Twilio, AWS. Achieves 10-30x cost savings through direct execution vs LLM-based calls. Triggers on "API call", "REST API", "GraphQL", "external service", "API integration", "HTTP request".

Testing methodologies, patterns, and best practices for unit, integration, and E2E tests. (project)

Test-Driven Development workflow. Use when implementing new features with tests first. Activated by "TDD", "test first", "write tests".

Backend Cloud Run/Express/Firestore do Sr Cardoso. Use quando criar ou alterar endpoints, auth JWT, regras de agenda, financeiro, branding, WhatsApp, cron jobs, ou modelagem Firestore.

Professional network reconnaissance and port scanning using nmap. Supports various scan types (quick, full, UDP, stealth), service detection, vulnerability scanning, and NSE scripts. Use when you need to enumerate network services, detect versions, or perform network reconnaissance.

Use when writing or changing tests, adding mocks, or tempted to add test-only methods to production code - prevents testing mock behavior, production pollution with test-only methods, and mocking without understanding dependencies

Claude 4.5 Opus 기반 프로젝트 전체 검수 스킬

Debug Neovim/LazyVim configuration issues. Use when: user reports Neovim errors, keymaps not working, plugins failing, or config problems. Provides systematic diagnosis through hypothesis testing, not just checklists. Think like a detective narrowing down possibilities.

Integrate new DEX aggregators, swappers, or bridge protocols (like Bebop, Portals, Jupiter, 0x, 1inch, etc.) into ShapeShift Web. Activates when user wants to add, integrate, or implement support for a new swapper. Guides through research, implementation, and testing following established patterns. (project)

Evaluate and improve Claude skills for clarity, completeness, testability, and architectural coherence.

Writes E2E and component tests with Cypress including selectors, commands, fixtures, and API testing. Use when testing web applications end-to-end, testing user flows, or writing integration tests.