Testing & Security

Detects session management vulnerabilities including session fixation, session hijacking, and insecure cookie handling. Use when analyzing authentication sessions, cookie security, or investigating session-related vulnerabilities.

This skill should be used when working with SLICOT (Subroutine Library In Control Theory) routines, translating Fortran 77 to C, parsing SLICOT HTML documentation, creating test cases from SLICOT examples, understanding SLICOT data formats, or planning translation priorities using dependency analysis tools.

Production-ready authentication system for Next.js 15 + Supabase. Use when setting up auth, login, signup, OAuth, Google login, password reset, or user authentication.

Tailwind CSS configuration template and validation logic for tailwind.config.js with src/index.css directives. Includes 5 required standards (required content paths for scanning, must extend default theme not replace, required plugins array, must be named tailwind.config.js, required dependencies). Ensures proper PostCSS integration and Tailwind directive setup. Use when creating or auditing tailwind.config.js files for consistent Tailwind CSS setup.

Aplica padrões de excelência em testes com NestJS e Jest seguindo Clean Architecture, DDD e boas práticas de testabilidade. Use quando criar ou refatorar testes unitários, de integração ou E2E em projetos NestJS.

Vitest + Storybook testing strategy with clear role separation.Reference for implementing unit tests and UI interaction tests.

CLI testing strategies and patterns for Node.js (Jest) and Python (pytest, Click.testing.CliRunner). Use when writing tests for CLI tools, testing command execution, validating exit codes, testing output, implementing CLI test suites, or when user mentions CLI testing, Jest CLI tests, pytest CLI, Click.testing.CliRunner, command testing, or exit code validation.

Build programmatic SEO pages with server-side meta tags and structured data. Use this skill to implement database schemas, dynamic routes, SEO injection, sitemaps, and JSON-LD structured data.

Add a new Docker Compose service with automatic DNS configuration (OVH) and SSL certificates. Use when adding new web services to the homelab infrastructure.

Testing patterns for litefs-py and litefs-django. Use when writing tests, setting up fixtures, understanding test organization, or configuring pytest marks. Triggers: test, pytest, unit test, integration test, property-based testing, hypothesis, fixtures, in-memory adapters.

Runtime security validation including secret scanning, PII detection, prompt injection defense, audit logging, and output validation for AI agents. Use when validating user input, scanning for secrets, detecting PII, preventing data exfiltration, or implementing security guardrails.

Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.

Perform a repo-wide, evidence-based audit of documentation against the current codebase and recent changes. Produces a proposed, fully rewritten documentation set in TempDoc-ForUserReview and asks for approval before any changes are applied to the existing docs.

Reviews code for quality issues, potential bugs, security vulnerabilities, and adherence to best practices. Provides actionable feedback with specific line references.

Use this skill when the user mentions LimaCharlie or wants to work with endpoint detection, cloud security monitoring, detection rules, or security automation. This provides an overview of LimaCharlie components and their interconnections.

Setup and configure testing infrastructure with Vitest, Playwright, and testing patterns. Use when users need to add tests, configure test runners, implement TDD workflows, or create E2E test suites. Covers unit, integration, and end-to-end testing strategies.

Comprehensive testing strategies with Vitest, Jest, and Testing Library

Systematic code quality improvement workflow combining smart-reviewer and test-generator MCP tools with Pareto 80/20 auto-fixes, severity-based review, and comprehensive test generation. Use when p...

Expert in Lighthouse Journey Timeline frontend architecture, React patterns, TypeScript, TanStack Query, Zustand, and component development with strong type safety. Use when building UI components, implementing data fetching, managing state, writing forms, styling with Tailwind, testing React components, or integrating with backend APIs.

Proper delegation patterns for Task() invocations with governance context injection