Testing & Security

MUST be loaded when setting up, installing, migrating, reviewing, auditing, or checking CLAUDE.md files in projects. Covers installing the promode CLAUDE.md into new projects, migrating existing CLAUDE.md content to READMEs (progressive disclosure), and auditing projects for conformance. Invoke PROACTIVELY when user mentions CLAUDE.md, project setup, agent configuration, or code meta files.

Expert guidance for Apache NiFi Registry including flow versioning, buckets, Git integration, security, and registry client configuration. Use this when working with flow version control and registry management.

GitHub Actions expert for CI/CD pipelines, workflows, build failures, test failures, lint errors, format checks, gh run, gh pr checks, ESLint, Prettier, TypeScript errors, quality gates, automated fixes, pipeline debugging, workflow monitoring

Diagnoses DotCMS GitHub Actions failures (PR builds, merge queue, nightly, trunk). Analyzes failed tests, root causes, compares runs. Use for "fails in GitHub", "merge queue failure", "PR build failed", "nightly build issue".

Use when looking up information from the latest Docusaurus documentation at https://docusaurus.io/docs

Identify friction points, bottlenecks, bugs, and technical debt. Use for audits, debugging sessions, when something feels wrong, or before major work to surface hidden issues. This is the second system in the 5-system framework.

Run static analysis, security scans, and dependency checks on .NET code. Use when task involves code quality, security audits, or vulnerability detection.

Apply security awareness during code review and implementation. Catches common vulnerabilities without requiring full security audit.

Playwright 기반 브라우저 자동화 및 E2E 테스트 스킬. 스크린샷, 웹 스크래핑, 폼 자동화 지원. "브라우저", "스크린샷", "E2E 테스트", "웹 스크래핑" 요청 시 활성화됩니다.

Proactively review code quality and security. Use automatically after code changes, when PRs are created, and before commits. Must be used for security, performance, and best practices reviews.

Testing patterns for Composable Svelte. Use when writing tests, using TestStore, mocking dependencies, or testing reducers and effects. Covers the send/receive pattern, mock implementations, testing composition strategies, and testing best practices.

Automatically applies when evaluating LLM performance. Ensures proper eval datasets, metrics computation, A/B testing, LLM-as-judge patterns, and experiment tracking.

Generate OpenAPI 3.x specification files (YAML) with endpoints, schemas, authentication, and examples for REST API documentation. Triggers on "create OpenAPI spec", "generate API documentation", "swagger spec for", "REST API schema".

Use when integrating Paddle payments, setting up subscriptions, configuring webhooks, or debugging billing issues. Covers sandbox testing and production deployment.

Test at extremes (1000x bigger/smaller, instant/year-long) to expose fundamental truths hidden at normal scales. Use when uncertain about scalability, edge cases unclear, or validating architecture for production volumes.

Use this skill when VSCode extensions fail to build in nix configuration, when adding new VSCode extensions, or when debugging extension-related build errors. Handles systematic search across nixpkgs, vscode-marketplace, and open-vsx sources with incremental testing.

Deploys ProAgentic DfX (H2 Tank Designer) using the full CI/CD pipeline. Runs all quality gates (lint, typecheck, tests, coverage, E2E) then deploys to Vercel. Use when deploying to staging or production, or when running the full CI pipeline locally.

Automatically invoked when running tests, analyzing test results, or verifying code changes. Ensures tests are run appropriately and results are interpreted correctly.

Playwright-BDD/Cucumberテストの品質分析スキル。以下の場合に使用:(1) .featureファイルのレビュー・品質チェック時(2) ステップ定義の再利用性分析時(3) シナリオ網羅性の確認時(4) E2Eテスト実行結果の分析時(5) テストの保守性評価時

Coordinate parallel agent execution using ACE Framework for LiveMetro React Native development. Use when implementing features with 3+ independent subtasks (UI + API + Firebase + Tests).