Testing & Security

Comprehensive IEEE PES paper review for Physics-Guided SSL GNN power grid research. Use when reviewing paper sections, checking claims against evidence, validating physics consistency (PF/Line Flow/Cascade), auditing figures/tables, checking IEEE compliance, or positioning against competing work (PPGT). Triggers on "review my paper", "check claims", "validate physics", "PES submission ready", "compare to baselines", "audit figures", or any publication preparation task.

Guide for writing high-quality acceptance criteria and acceptance tests using industry-standard BDD (Behavior-Driven Development) and ATDD (Acceptance Test-Driven Development) practices. Use this skill when creating acceptance criteria for user stories, writing Gherkin scenarios, or implementing acceptance test specifications following Given-When-Then format.

Comprehensive backend development guide for Python/FastAPI/SQLAlchemy applications. Use when creating routes, services, models, schemas, database operations, or working with FastAPI endpoints, SQLAlchemy/Alembic migrations, Pydantic validation, error handling, dependency injection, or async patterns. Covers layered architecture (routes → services → repositories → models), separation of concerns, error handling, performance, testing strategies, and best practices.

dotnet CLI를 사용하여 .NET 테스트를 실행합니다. 유닛 테스트 실행, 코드 커버리지 리포트 생성 또는 벤치마크 수행 시 사용합니다.

Use this skill when the user needs help executing incident response workflows, investigating security incidents, containing threats, collecting forensic evidence, or performing remediation actions.

Use when verifying C3 documentation quality - checks methodology compliance (layer rules, structure, diagrams) and implementation conformance (docs vs code drift)

Maintain and update CHANGELOG.md following Keep a Changelog format. Use when: updating changelog, version documentation, release notes, semver versioning, categorizing changes (Added/Changed/Fixed/Security).

Complete Java Spring Boot skill set for building enterprise applications.Includes modular architecture with optional components:- PostgreSQL database with JPA/Hibernate + Flyway migration- Redis caching (optional)- Kafka/RabbitMQ messaging (optional, choose one)- JWT + OAuth2 authentication (optional OAuth2)- RBAC authorization (optional)- TDD with Mockito- Spec-First Development with OpenSpec

TDD-paired Gantt-style execution with compact waves. Each story gets tester agent (writes tests) BEFORE implementation agent (passes tests). Waves execute continuously with /compact between each wave. Respects dependencies, spawns up to 10 concurrent agents. Use when orchestrating parallel implementation workflows with test-first discipline.

Husky git hooks configuration with smart auto-detection for sensitive files, fail-fast execution, auto-fix workflows, and CI detection. Includes 5 required standards (smart .npmrc detection for multi-mono repos, set -e for fail-fast, pre-commit auto-fix with prettier:fix and lint:fix, pre-push validation with time tracking, clear emoji-enhanced output). Use when creating or auditing .husky/pre-commit and .husky/pre-push hooks.

Add additional test cases to an existing exercise to improve coverage

Multi-tenant architecture patterns including org_id claim management, JWT token structure with organization context, database isolation strategies for MongoDB and PostgreSQL, theme switching per organization, tenant provisioning workflows, data isolation patterns, and cross-tenant security. Activate for multi-tenancy implementation, tenant isolation, and organization-scoped data access.

Provides exhaustive security vulnerability checklists with severity classifications, point deductions, and detection commands. Use when performing security audits, code reviews, penetration testing preparation, or checking OWASP compliance.

Principles for writing effective, maintainable tests. Covers naming conventions, assertion best practices, and comprehensive edge case checklists. Based on BugMagnet by Gojko Adzic.

Progressive audit and cleanup of GitHub accounts - stale forks, orphaned secrets, failing workflows, security configs. Audit-first with user approval before destructive actions. Triggers on 'clean up GitHub', 'audit my repos', 'GitHub hygiene', 'stale forks', 'orphaned secrets'. Requires gh CLI. (user)

Query and manage local Convex documentation mirror (42 docs). Search Convex topics for real-time database, serverless functions, authentication, file storage, and React hooks. Use when implementing Convex backend features or answering Convex-related questions. (user)

Comprehensive Vitest testing framework guide with strong emphasis on Jest-to-Vitest migration. Covers automated migration using codemods, configuration setup, API differences, best practices, and troubleshooting. Use when migrating from Jest, setting up Vitest, writing tests, configuring test environments, or resolving migration issues. Primary focus is seamless Jest migration with minimal code changes.

Testing strategy, test pyramid (70% unit/25% integration/5% E2E), PGlite patterns, Playwright best practices. Use when writing tests, debugging test failures, or when user mentions testing/test/spec/E2E.

Test Temporal workflows with pytest, time-skipping, and mocking strategies. Covers unit testing, integration testing, replay testing, and local development setup. Use when implementing Temporal workflow tests or debugging test failures.

Workflows for the Loopwish Apple client (Swift/SwiftUI + Swift Package Manager): run swift test, run SwiftLint strict, and organize changes by module.