Testing & Security

Production-tested setup for Base UI (@base-ui-components/react) - MUI's unstyled component librarythat provides accessible, customizable React components using render props pattern. This skillshould be used when building accessible UIs with full styling control, migrating from Radix UI,or needing components with Floating UI integration for smart positioning.Use when: Setting up Base UI in Vite + React projects, migrating from Radix UI to Base UI,implementing accessible components (Dialog, Select, Popover, Tooltip, NumberField, Accordion),encountering positioning issues with popups, needing render prop API instead of asChild pattern,building with Tailwind v4 + shadcn/ui, or deploying to Cloudflare Workers.⚠️ BETA STATUS: Base UI is v1.0.0-beta.4. Stable v1.0 expected Q4 2025. This skill providesworkarounds for known beta issues and guidance on API stability.Keywords: base-ui, @base-ui-components/react, mui base ui, unstyled components, accessible components,render props, radix alternative, radix

Generate two distinct, creative, and copyright-compliant ad copy variations based on campaign parameters and research insights. Use when creating advertising text content including headlines, body copy, and calls-to-action. Triggers on requests to write ad copy, create ad text, generate headlines, or develop platform-specific ad messaging for A/B testing.

Enforce test-first changes and debug based on failing tests.

Authentication patterns for React web applications. Use when implementing login flows, OAuth, JWT handling, session management, or protected routes in React web apps.

Generate compliance reports from OSCAL assessment results, SSPs, and POA&Ms in various formats. Use this skill to create audit-ready documentation, executive summaries, and detailed compliance status reports.

Angular 21 development patterns for this project. Use when writing or reviewing Angular components, services, templates, or tests.

UX design expert for user research, personas, journey mapping, information architecture, wireframing, prototyping, usability testing, and accessibility. Creates user-centered designs with WCAG 2.1 AA/AAA compliance.

Comprehensive code review standards covering security, quality, performance, testing, and documentation. Includes checklists, common issues, and best practices for thorough code reviews.

⚡ PRIMARY TOOL for: 'what's the architecture', 'system design', 'how are layers organized', 'find design patterns', 'audit structure', 'map dependencies'. Uses claudemem v0.3.0 AST structural analysis with PageRank. GREP/FIND/GLOB ARE FORBIDDEN.

Generate NGINX configuration files for web servers, reverse proxies, load balancing, SSL termination, and static file serving. Triggers on "create nginx config", "generate nginx.conf", "nginx configuration for", "reverse proxy config".

MagentaA11y accessibility acceptance criteria reference. Use this skill when users ask for accessibility criteria, acceptance criteria (AC), Gherkin tests, developer notes, or how to test components for accessibility. Supports both Web and Native (iOS/Android) platforms. Triggers on requests like "give me the Button AC", "how to test a checkbox", "accessibility criteria for modal", "native button Gherkin", "web link developer notes", or any MagentaA11y component query.

Axum (Rust) web framework patterns for production APIs: routers/extractors, state, middleware, error handling, tracing, graceful shutdown, and testing

A capability-oriented reasoning framework for identifying and describing security-relevant capability expansions in software supply-chain version transitions. Provides capability vocabulary, counterfactual reasoning scaffolds, and contextual analysis tools. Use when analyzing code version transitions to understand what new affordances emerge, not to classify code as malicious/benign. Atomic unit of analysis is the version transition (diff), not standalone code.

Elite UX agency capabilities for designing products users intuitively love. Use when creating user journeys, conducting UX research, designing flows, testing with Playwright, performing design critiques, building wireframes, writing microcopy, accessibility audits, competitive analysis, or any product design work. Triggers on UX, user journey, user experience, flow design, usability, design critique, persona creation, emotional mapping, or product design discussions.

Generate actionable, dependency-ordered task lists from implementation plans usingSpecification-Driven Development (SDD) methodology. Use when creating executablework breakdown, task lists, or executing the /tasks command.This skill analyzes design artifacts (plan, contracts, data models, test scenarios)and generates a sequenced task list with parallel execution markers. Tasks followTDD (test-first) and contract-first principles, with clear dependencies and file paths.Triggered by: /tasks command, user request for "task list", "work breakdown","implementation steps", or "what tasks do I need to complete?".

Performs comprehensive security audits of KrakenD configurations to identify vulnerabilities, authentication gaps, and security best practices violations with Flexible Configuration support

Essential testing patterns for any project.Use when: writing tests, setting up testing, or fixing test issues.Triggers: "test", "testing", "unit test", "write tests".

Write and run Go tests using the built-in testing package with table-driven tests, subtests, and mocking via interfaces. Use when writing Go tests or setting up test infrastructure.

Optimize Docker images for Python applications including multi-stage builds (70%+ size reduction), security scanning with Trivy, layer caching, and distroless base images. Use when creating Dockerfiles, reducing image size, improving build performance, or scanning for vulnerabilities.

Generate code templates for common patterns: REST API endpoints, React components, database models, authentication, error handling. Use when implementing new features or creating boilerplate code.This skill provides production-ready code templates:- REST API endpoints (Express, FastAPI)- React/Vue components with best practices- Database models (Sequelize, TypeORM, Mongoose)- Authentication middleware (JWT, OAuth)- Error handling patternsTriggers: "create API", "new component", "implement auth", "add model", "generate code", "コードテンプレート", "API作成", "コンポーネント作成"