Testing & Security

Create ticket directories with 1-definition.md from PRD and planning docs. Use this skill to initialize new tickets with self-contained context, relationships, testing draft, and expectations.

Executes behavioral API tests by spinning up the service and making real HTTP requests. Validates status codes, response structure, and data correctness.

Deep Python code review of changed files using git diff analysis. Focuses on production quality, security vulnerabilities, performance bottlenecks, architectural issues, and subtle bugs in code changes. Analyzes correctness, efficiency, scalability, and production readiness of modifications. Use for pull request reviews, commit reviews, security audits of changes, and pre-deployment validation. Supports Django, Flask, FastAPI, pandas, and ML frameworks.

Programmatic browser automation using Playwright MCP server. Use when building Claude Code tools or applications that need web automation, testing, scraping, or browser interaction. Provides structured accessibility-based automation without screenshots or vision models.

Use this skill when building AI voice agents with the ElevenLabs Agents Platform. This skill covers the complete platform including agent configuration (system prompts, turn-taking, workflows), voice & language features (multi-voice, pronunciation, speed control), knowledge base (RAG), tools (client/server/MCP/system), SDKs (React, JavaScript, React Native, Swift, Widget), Scribe (real-time STT), WebRTC/WebSocket connections, testing & evaluation, analytics, privacy/compliance (GDPR/HIPAA/SOC 2), cost optimization, CLI workflows ("agents as code"), and DevOps integration. Prevents 17+ common errors including package deprecation, Android audio cutoff, CSP violations, missing dynamic variables, case-sensitive tool names, webhook authentication failures, and WebRTC configuration issues. Provides production-tested templates for React, Next.js, React Native, Swift, and Cloudflare Workers. Token savings: ~73% (22k → 6k tokens). Production tested.Keywords: ElevenLabs Agents, ElevenLabs voice agents, AI voice agent

Test-Driven Development (TDD) using Vitest and TypeScript. Use when the user requests help with TDD, writing tests before code, test-first development, Vitest test setup, TypeScript testing patterns, unit testing, integration testing, or following the Red-Green-Refactor cycle with Vitest.

Guide experienced developers through RED phase of TDD cycle - writing failing tests and verifying expected failures

Master Claude Code plugin architecture, design patterns, and technical implementation. Learn to build scalable, maintainable plugins with proper structure, performance optimization, and security best practices.

Database optimization, security audit, and performance analysis for MyDetailArea Supabase/PostgreSQL. Provides safe query optimization, RLS policy review, index recommendations, and migration strategies with extreme caution and rollback plans. Use when optimizing database performance, auditing security, or creating safe migrations. CRITICAL - All recommendations require validation and testing before production.

Testing patterns, pyramid, TDD

Full-stack development expertise covering backend, frontend, database, DevOps, and testing domains

Comprehensive IEEE PES paper review for Physics-Guided SSL GNN power grid research. Use when reviewing paper sections, checking claims against evidence, validating physics consistency (PF/Line Flow/Cascade), auditing figures/tables, checking IEEE compliance, or positioning against competing work (PPGT). Triggers on "review my paper", "check claims", "validate physics", "PES submission ready", "compare to baselines", "audit figures", or any publication preparation task.

Guide for writing high-quality acceptance criteria and acceptance tests using industry-standard BDD (Behavior-Driven Development) and ATDD (Acceptance Test-Driven Development) practices. Use this skill when creating acceptance criteria for user stories, writing Gherkin scenarios, or implementing acceptance test specifications following Given-When-Then format.

Comprehensive backend development guide for Python/FastAPI/SQLAlchemy applications. Use when creating routes, services, models, schemas, database operations, or working with FastAPI endpoints, SQLAlchemy/Alembic migrations, Pydantic validation, error handling, dependency injection, or async patterns. Covers layered architecture (routes → services → repositories → models), separation of concerns, error handling, performance, testing strategies, and best practices.

dotnet CLI를 사용하여 .NET 테스트를 실행합니다. 유닛 테스트 실행, 코드 커버리지 리포트 생성 또는 벤치마크 수행 시 사용합니다.

Use this skill when the user needs help executing incident response workflows, investigating security incidents, containing threats, collecting forensic evidence, or performing remediation actions.

Use when verifying C3 documentation quality - checks methodology compliance (layer rules, structure, diagrams) and implementation conformance (docs vs code drift)

Maintain and update CHANGELOG.md following Keep a Changelog format. Use when: updating changelog, version documentation, release notes, semver versioning, categorizing changes (Added/Changed/Fixed/Security).

Complete Java Spring Boot skill set for building enterprise applications.Includes modular architecture with optional components:- PostgreSQL database with JPA/Hibernate + Flyway migration- Redis caching (optional)- Kafka/RabbitMQ messaging (optional, choose one)- JWT + OAuth2 authentication (optional OAuth2)- RBAC authorization (optional)- TDD with Mockito- Spec-First Development with OpenSpec

TDD-paired Gantt-style execution with compact waves. Each story gets tester agent (writes tests) BEFORE implementation agent (passes tests). Waves execute continuously with /compact between each wave. Respects dependencies, spawns up to 10 concurrent agents. Use when orchestrating parallel implementation workflows with test-first discipline.