Testing & Security

Guide users through a structured workflow for co-authoring documentation. Use when user wants to write documentation, proposals, technical specs, decision docs, or similar structured content. This workflow helps users efficiently transfer context, refine content through iteration, and verify the doc works for readers. Trigger when user mentions writing docs, creating proposals, drafting specs, or similar documentation tasks.

Next.js API route development patterns for the digital marketplace including authentication, error handling, validation, and RESTful conventions. Use when creating new API endpoints or modifying existing routes.

Never test mock behavior. Never add test-only methods to production classes. Understand dependencies before mocking.

Verifies code and configurations comply with security standards and regulations

Improves code quality after tests pass

Kindle Web Reader/Kindle macOSアプリからスクリーンショットをキャプチャしてPDF生成。書籍名やASIN指定でKindle本を自動PDF化。Kindleライブラリ検索、Playwrightでページ自動取得、PNG画像からPDF変換、レイアウト設定（single/double）、範囲指定、品質調整、リサイズに対応。タイトル取得に失敗した場合は表紙キャプチャをAIで視認して命名する。

Expert deployment automation for cloud platforms. Handles CI/CD pipelines, container orchestration, infrastructure setup, and production deployments with battle-tested configurations. Specializes in GitHub Actions, Docker, HuggingFace Spaces, and GitHub Pages.

Automatically applies when securing AI/LLM applications. Ensures prompt injection detection, PII redaction for AI contexts, output filtering, content moderation, and secure prompt handling.

認証、ユーザー入力、機密データを扱う際に使用。OWASP Top 10をカバー。

Complete Test-Driven Development workflow combining Sherpa guidance, Julie code intelligence, and Goldfish progress tracking. Automatically activates for feature implementation with systematic phases, semantic code search, and persistent checkpointing. Use when implementing new features with test-first discipline.

Implement REST APIs in ABP Framework with AppServices, DTOs, pagination, filtering, and authorization. Use when building API endpoints for ABP applications.

Use when testing web applications with Chrome DevTools MCP. Covers GUI Chrome setup and dev server configuration. Required reading before any browser automation.

Use when building applications with Weavr for payments, cards, accounts, and identity verification. Covers both API integration and secure UI components.

Guide for integrating Stripe payments into an existing project. Covers one-time payments, subscriptions, and advanced patterns with security best practices.

Understand and apply the n8n community node tech stack including TypeScript strict mode, Node.js v22+, n8n-workflow package, and build tools. Use this skill when setting up new n8n node projects, configuring package.json, writing TypeScript with strict mode, running build or dev scripts, configuring ESLint with n8n rules, setting up Jest tests, or preparing packages for npm publishing. Apply when making decisions about runtime, dependencies, or tooling in n8n node development.

Run formatting, linting, and tests using uv + Ruff + pytest

dbt (data build tool) patterns for data transformation and analytics engineering. Use when building data models, implementing data quality tests, or managing data transformation pipelines.

A skill with a name that might conflict. Use for testing conflict detection.

Complete browser automation with Playwright. Auto-detects dev servers, writes clean test scripts to /tmp. Test pages, fill forms, take screenshots, check responsive design, validate UX, test login flows, check links, automate any browser task. Use when user wants to test websites, automate browser interactions, validate web functionality, or perform any browser-based testing.

Use the qashier-cli tool to manage Google OAuth authentication, switch between staging/production environments, and extract Firestore documents. Invoke when user mentions qashier-cli, authentication issues, environment switching, Firestore data extraction, or needs to verify auth status.