Testing & Security

Validates command frontmatter, delegation patterns, simplicity guidelines, and documentation proportionality. Use when reviewing, auditing, analyzing, evaluating, improving, or fixing commands, validating official frontmatter (description, argument-hint, allowed-tools, model), checking delegation clarity or standalone prompts, assessing simplicity guidelines (6-15 simple, 25-80 documented), validating argument handling, or assessing documentation appropriateness. Distinguishes official Anthropic requirements from custom best practices. Also triggers when user asks about command best practices, whether a command should be a skill instead, or needs help with command structure.

Create production-ready Kubernetes manifests for Deployments, Services, ConfigMaps, and Secrets following best practices and security standards. Use when generating Kubernetes YAML manifests, creating K8s resources, or implementing production-grade Kubernetes configurations.

Standard patterns for using Better Auth in Next.js 16+ App Router projects, including server and client integration, JWT plugin usage, and attaching tokens to backend API calls in a reusable way.

Continuous audit readiness with compliance monitoring, documentation automation, control testing, and audit preparation for PE-backed multi-acquisition organizations

WHEN: Flask project review, Blueprint structure, extensions, request handlingWHAT: Blueprint organization + Extension patterns + Request/response handling + Configuration + TestingWHEN NOT: FastAPI → fastapi-reviewer, Django → django-reviewer, General Python → python-reviewer

Proactive skill for validating dbt models against coding conventions. Auto-activates when creating, reviewing, or refactoring dbt models in staging, integration, or warehouse layers. Validates naming, SQL structure, field conventions, testing coverage, and documentation. Supports project-specific convention overrides and sqlfluff integration.

Python stack configuration - uv, ruff, mypy, pytest with 96% coverage threshold

Principal .NET 10 Architect providing high-performance, idiomatic C# 14 solutions.Use when user asks about:- .NET design patterns (Singleton, Factory, CQRS, Repository, Options Pattern)- C# coding style and best practices- Architecture decisions (Minimal APIs, Modular Monoliths)- Modern C# implementations with primary constructors, records, field keywordTriggers: ".NET", "C#", "design pattern", "architecture", "Minimal API", "primary constructor", "record type", "Options Pattern", "Singleton", "Factory","CQRS", "Repository pattern", "dependency injection"

Senior Backend Code Reviewer with 12+ years Java experience. Use when reviewing Java/Spring code, checking code quality and style, identifying code smells and anti-patterns, verifying security practices, ensuring test coverage, or configuring static analysis tools (Checkstyle, SpotBugs, SonarQube).

EU Cyber Resilience Act (CRA) compliance code reviewer. Use when reviewing code for CRA/EU cybersecurity compliance, checking security requirements, vulnerability handling, SBOM requirements, or assessing product conformity. Triggers on: CRA review, EU security compliance, cybersecurity requirements check, Annex I requirements, vulnerability handling assessment, SBOM validation, product category classification.

Shared resource library for Beam AI integration skills. DO NOT load directly - provides common references (setup, API docs, error handling, authentication) and scripts used by beam-connect and individual Beam skills.

Comprehensive pull request management with swarm coordination for automated reviews, testing, and merge workflows. Use for PR lifecycle management, multi-reviewer coordination, conflict resolution, and intelligent branch management.

Architecture decision guides for Kailash SDK including framework selection (Core SDK vs DataFlow vs Nexus vs Kaizen), runtime selection (Async vs Sync), database selection (PostgreSQL vs SQLite), node selection, and test tier selection. Use when asking about 'which framework', 'choose framework', 'which runtime', 'which database', 'which node', 'architecture decision', 'when to use', 'Core SDK vs DataFlow', 'PostgreSQL vs SQLite', 'AsyncLocalRuntime vs LocalRuntime', or 'test tier selection'.

Set up Vitest browser mode with Playwright or WebDriverIO providers, use page and userEvent APIs, test components. Use when testing browser-specific code or UI components.

Frontend testing with browser automation, assertions, and visual regression. Use when testing web UIs, validating user flows, checking responsive design, form submissions, login flows, or detecting visual regressions. Supports dev server auto-detection, assertion collection, and screenshot comparison.

Write unit tests using the Crucible test framework for Lean 4 projects. Use when creating tests, adding test files, or when the user mentions Crucible, unit tests, or testing Lean code.

Use when implementing any feature or bugfix, before writing implementation code - write the test first, watch it fail, write minimal code to pass; ensures tests actually verify behavior by requiring failure first

Designs unit, integration and end-to-end testing strategies and implements tests for code changes.

Comprehensive Tailscale VPN setup, configuration, and management for mesh networking, secure access, and zero-trust infrastructure. Covers installation, CLI commands, subnet routers, exit nodes, Tailscale SSH, ACL/grants configuration, MagicDNS, Tailscale Serve/Funnel, API automation, and production deployment best practices.

Run visual tests, compare golden files, and report bugs for Stapledons Voyage. Use when user asks to run tests, check golden files, or report visual regressions.