Testing & Security

Guides correct usage of @j0kz/mcp-agents standardization and automation scripts including version.json single source of truth, test count automation, URL casing rules, and critical workflow pattern...

Use this skill when developing Streamlit applications with uv package manager. Covers project setup, running apps, testing (unit/e2e), and development workflows. Trigger when user mentions "streamlit", "uv run streamlit", "streamlit testing", or asks about building data apps with Python.

World-class data science skill for statistical modeling, experimentation, causal inference, and advanced analytics. Expertise in Python (NumPy, Pandas, Scikit-learn), R, SQL, statistical methods, A/B testing, time series, and business intelligence. Includes experiment design, feature engineering, model evaluation, and stakeholder communication. Use when designing experiments, building predictive models, performing causal analysis, or driving data-driven decisions.

Reference for donut.party/system - component lifecycle and dependency injection library for Clojure. Use when working with component definitions, system management, refs between components, or lifecycle signals (start/stop/suspend/resume). Triggers on donut.system imports, ::ds/start, ::ds/stop, ::ds/config, ds/ref, or component-based architecture. Prefer using donut.system over mount, integrant, and stuart sierra's component.

Active Directory operational hygiene analyzer for OpsIdentity project. Detects administrative disorder, architectural debt, and suboptimal configurations—not offensive security. Use when (1) improving OpsIdentity PowerShell collection functions, (2) adding AI analysis prompts to server.js, (3) analyzing coverage gaps against 87 industry metrics, (4) implementing smart filtering or anti-hallucination rules. Triggers on AD health, GPO analysis, replication, trusts, token size, FSMO, site topology, DNS/DHCP hygiene, or requests to analyze existing OpsIdentity code.

Advanced swarm orchestration patterns for research, development, testing, and complex distributed workflows

Use when user requests new features or functionality. Defines complete workflow from specification through testing to implementation.

Runs automated HTML linting using @axe-core/playwright (WCAG accessibility) and markuplint (HTML standards). Use when user asks to "lint HTML", "run automated checks", "validate HTML", "check accessibility", or mentions "axe-core", "markuplint", "automated audit".

Browser automation and end-to-end testing. Use when user wants to test web applications, automate browser interactions, scrape web content, or verify UI functionality across browsers.

Systematic code review guidelines and checklist. Use this skill when reviewing code, conducting pull request reviews, or establishing code quality standards. Provides comprehensive review criteria covering functionality, design, testing, security, and documentation. Complements the code-quality agent.

Write gdUnit4 test code with type-specific assertions, signal testing, and scene runner support. Use when creating or updating tests for GDScript files.

Security requirements, threats, and controls that apply across this system.

This skill should be used when the user requests to audit, check, or improve application security by analyzing security headers, cookie configuration, RLS policies, input sanitization, rate limiting, and other security measures. It generates a comprehensive security audit report with actionable recommendations. Trigger terms include security audit, security check, harden security, security review, vulnerability check, security headers, secure cookies, input validation, rate limiting, security best practices.

Master advanced ASP.NET Core development including Entity Framework Core, authentication, testing, and enterprise patterns for production applications.

Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes

Browser automation for development and testing. Use when showing UI progress to user, writing e2e tests, or testing complex interactions (drag/drop, keyboard nav).

Complete patterns for containerizing applications with Docker: Dockerfiles, multi-stage builds, layer optimization, security best practices, and production-ready configurations for Python/FastAPI and Node.js/Next.js apps.

Build modern mobile applications with React Native, Flutter, Swift/SwiftUI, and Kotlin/Jetpack Compose. Covers mobile-first design principles, performance optimization (battery, memory, network), offline-first architecture, platform-specific guidelines (iOS HIG, Material Design), testing strategies, security best practices, accessibility, app store deployment, and mobile development mindset. Use when building mobile apps, implementing mobile UX patterns, optimizing for mobile constraints, or making native vs cross-platform decisions.

Refining and improving user prompts for StickerNest development. Use when the user asks to improve a prompt, make a request clearer, help phrase something better, or when they give a vague request and you want to clarify. Covers prompt engineering, StickerNest context injection, and disambiguation.

Integrate and maintain the Instagram/Facebook social wall for case studies and blogs in this repo, including manual import workflows, Meta Graph API setup, compliance endpoints, and SEO/performance/security guardrails. Use when adding social posts, updating the importer, wiring UI placement, or handling Meta tokens and data deletion callbacks.