Testing & Security

Security review and implementation support based on OWASP Cheat Sheet Series. Use for code review requests, security-related implementation/research, and vulnerability checks. Covers security topics such as XSS, SQL Injection, CSRF, and authentication/authorization.

Automate QuantConnect cloud backtesting workflow with GitHub integration. Push strategies to QuantConnect cloud, execute backtests, wait for completion, and retrieve performance metrics. This skill should be used when running backtests on QuantConnect cloud or testing trading strategies.

Generate FastAPI endpoint files with Pydantic models, dependency injection, and async handlers. Triggers on "create fastapi endpoint", "generate fastapi router", "python API endpoint", "fastapi route".

Parse OSCAL (Open Security Controls Assessment Language) documents in JSON, YAML, or XML formats and extract structured compliance data. Use this skill when working with security control catalogs, system security plans, component definitions, or other OSCAL document types.

Tests web applications with Playwright including E2E tests, locators, assertions, and visual testing. Use when writing end-to-end tests, testing across browsers, automating user flows, or debugging test failures.

交易员最新指令管理 - AI 代理在每次对话开始时必须检查此 skill, 读取并遵守 docs/最新指令.md 中的指令

Adapt escape room games for global markets (English, Korean, Japanese) with cultural considerations, efficient translation workflows, and language-agnostic design strategies. Handles multilingual template creation, cultural adaptation, and localization testing. Use when preparing games for international audiences or implementing multi-language support.

Expert guidance for ElysiaJS web framework development. Use when building REST APIs, GraphQL services, or WebSocket applications with Elysia on Bun. Covers routing, lifecycle hooks, TypeBox validation, Eden type-safe clients, authentication with JWT/Bearer, all official plugins (OpenAPI, CORS, JWT, static, cron, GraphQL, tRPC), testing patterns, and production deployment. Assumes bun-expert skill is active for Bun runtime expertise.

Guides writing HMR/Dev Server tests in test/bake/. Use when creating or modifying dev server, hot reloading, or bundling tests.

Testing conventions, test runner configurations, coverage requirements, and failure interpretation for the Klassenzeit monorepo.

Build integration tests for data access in the widget host app. Use when setting up test databases, running EF Core migrations for tests, or validating repository behavior end-to-end.

Deep security analysis for Solidity smart contracts with DeFi context

Set up and manage user authentication using Convex Auth with login, signup, password reset, and user profile initialization. Use when implementing auth flows, managing user sessions, initializing user profiles, or handling authentication state.

LangGraph framework skill for implementing SITNOVA's stateful AI operator with StateGraph, tools, and conditional routing for security gate automation.

Ruby/RSpec testing guidelines and workflow following project conventions. Use when writing or improving Ruby tests.

Use when auditing or fixing UI consistency issues like mismatched spacing, hardcoded colors, theme violations, or elements that look off - provides systematic checklist for theme, spacing, typography audits and proper techniques for canvas/SVG theming with reactivity

Agent-optimized Test-Driven Development workflow based on research from Codex, CodeT, Self-Debugging, TICoder, and SWE-bench Verified. Use when fixing bugs (generate fail-to-pass test first), implementing new features (acceptance tests first), or when user requests "TDD", "test-first", or "test-driven" approach. Provides high-confidence code changes with comprehensive test coverage.

Guide users through a structured workflow for co-authoring documentation. Use when user wants to write documentation, proposals, technical specs, decision docs, or similar structured content. This workflow helps users efficiently transfer context, refine content through iteration, and verify the doc works for readers. Trigger when user mentions writing docs, creating proposals, drafting specs, or similar documentation tasks.

Create a new TypeScript exercise with starter code, test cases, and reference solution

Vitest testing conventions and patterns for @j0kz/mcp-agents including test organization, naming, assertion patterns, mocking strategies, and coverage targets (75%). Use when writing tests, organiz...