Testing & Security

Write comprehensive test coverage across unit, integration, regression, end-to-end, and manual tests. Watch for deprecation warnings in test output and address them immediately. Use when writing tests, implementing features, or before creating pull requests.

Comprehensive Go testing strategies including table-driven tests, testify assertions, gomock interface mocking, benchmark testing, and CI/CD integration

Gather examples for the acceptance test; use when we are about to start development of a new feature

Reference and maintain documentation of the project's technical stack including frameworks, languages, databases, testing tools, and third-party services. Use this skill when choosing technologies for implementation, adding new dependencies or libraries, setting up project infrastructure, configuring build tools and package managers, integrating third-party services (authentication, email, monitoring), selecting appropriate frameworks for features, ensuring consistency with existing technology choices, documenting technology decisions, reviewing technology compatibility, or onboarding team members to the tech stack. Apply this skill when making technology decisions, adding new tools or services, documenting the stack, or ensuring new code aligns with the project's established technical architecture.

Execute tests following TDD cycle: RED (verify test fails) → GREEN (implement to pass) → REFACTOR.Interprets tests.json and performs steps using available tools (browser MCP, API, CLI, etc.).WHEN TO USE:- Starting implementation of a ticket with TDD: yes- After writing test spec (3-spec.md) and tests.json- When user says "run tests", "test this", "TDD cycle"- After fixing a failing testREQUIRES:- Ticket with 3-spec.md- tests.json in .pmc/docs/tests/tickets/T0000N/

Use when implementing new features. Enforces TDD workflow - write tests FIRST, then implementation. Ensures AAA pattern, proper coverage, and quality test design.

Use when fetching oil/gas trade flow data from Kpler. Covers authentication, trade queries, flow aggregations, entity search, vessel positions, and company fleet data.

SLASH COMMAND ONLY - Do NOT invoke automatically. Only runs via /test-gh-skills command. Executes Python test orchestrator for 80 tests across 6 skill groups.

SMC trading agent skill for Alpha Harness backtesting. Provides ICT/SMC methodology,decision frameworks, and behavioral guidelines for autonomous trading in simulatedenvironments. USE WHEN agent wakes in harness, needs to analyze markets, decide onsetups, or place orders.

Enforce consistent API route patterns including auth, rate limiting, validation, and error handling. Reduces boilerplate and prevents security issues.

Create new BAP (Bitcoin Attestation Protocol) identities using the bap CLI. Supports Type42 (modern) and Legacy identity formats. Creates encrypted .bep backup files stored in Flow's /.flow/.bsv/backups/ directory.

RED-GREEN-REFACTOR for process documentation - baseline without skill, write addressing failures, iterate closing loopholes

Expert React - Hooks, composants, state management, data fetching, testing, styling et patterns modernes

WooCommerce REST API authentication and credential-based onboarding patterns for VioletConnect

Angular 21+ testing infrastructure with fixtures, ng-mocks, component harness, AAA pattern, and Jest best practices for eliminating duplication

How tests should be structured, named, and prioritized in this codebase.

Implement fixes for specific CodeRabbit review issues. Runs in isolated subagent context with focused task. Verifies fixes with tests before returning. Use one per issue from triage task list.

Manages local web server lifecycle and enables web page development with Playwright MCP. Use when developing HTML/CSS/JS, building web pages, viewing web pages, testing UI interactions, verifying renders, debugging frontend issues, or iterating on web design. Covers build, startup, shutdown, and browser-based testing workflows.

Configure organization-level GitHub Apps for secure cross-repository automation. Machine identity, audit trails, and enterprise-grade authentication.

Build production-ready Opal IGA custom connectors with proper authentication, API compliance, security, and testing. Use when generating, auditing, or refactoring Opal connectors.