Testing & Security

Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.

Provides expert guidance for NautilusTrader algorithmic trading platform. Covers backtesting strategies, live trading deployment, event-driven architecture, and building trading systems.

Specialized agent for integrating BarqNet backend with multiple client platforms (Desktop/Electron, iOS/Swift, Android/Kotlin). Handles API contracts, authentication flows, error handling, token management, cross-platform compatibility, and end-to-end data flow validation. Use when connecting backend APIs to client applications or debugging integration issues.

Security review checklist and patterns

テスト計画・実行・報告を標準化する運用スキル。

Comprehensive test-driven development for Terraform providers with iterative co-development of tests, generators, and schemas. NEVER skip development or refactoring - always fix root causes in generators, schemas, or test code. Only skip resources requiring external credentials (AWS/Azure/GCP) or premium licensing. Uses terraform-plugin-testing SDK with modern assertion patterns.

PostgreSQL expert for .sql migration files, CREATE TABLE, ALTER TABLE, indexes, constraints, foreign keys, schema changes, docker/postgres/migrations/, init.sql, idempotent SQL, transactions, BEGIN/COMMIT, psql, database testing, schema_migrations

Execute TDD red-green-refactor cycle with just verify gate. Use when writing new features or fixing bugs that require test coverage.

File-to-agent mapping and manifest generation for composite monorepo audits. Provides dynamic discovery of all config agents, generates structured audit manifests with priority-ordered spawn instructions, and handles library vs consumer repo exclusions. Use when performing root-level composite audits that scan repository for all config files and coordinate parallel agent execution across 26+ config domains.

DDDアーキテクチャでFastAPIのバックエンドを新規実装または既存コードベースをリファクタリングする際のガイド。レイヤー構成（domain/application/infrastructure/controller）、依存方向、責務境界、pydantic/sqlalchemy(sqlmodel)/alembic/pytestの前提、セッション管理（Dependsで1リクエスト1セッション、必要時UoW）を含む。

TypeScript strictest patterns, type guards, optional properties (exactOptionalPropertyTypes), Drizzle query safety, null checks. Use when fixing type errors, implementing complex types, or when user mentions TypeScript/types/generics.

Analyze test coverage, identify gaps, suggest strategic test cases. Use when writing features, after bug fixes, or during test reviews. Ensures comprehensive coverage without over-testing.

Enforces security guardrails for Claude Code. Blocks access to secrets, credentials, and sensitive files. Requires confirmation for network requests and infrastructure changes. Use when accessing files, making network requests, or running infrastructure commands.

Define semantic layer cubes with Drizzle ORM tables, including dimensions, measures, time dimensions, and security context. Use when creating analytics cubes, defining data models, setting up multi-tenant filtering, or working with drizzle-cube semantic layers.

Generate GitHub Actions workflow for beta testing track deployment

Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.

Guide for testing Firebase Admin SDK with Vitest mocks. Use when writing tests that involve Firebase Auth, Firestore, or Firebase App.

Practical guide for building production ML systems based on Chip Huyen's AI Engineering book. Use when users ask about model evaluation, deployment strategies, monitoring, data pipelines, feature engineering, cost optimization, or MLOps. Covers metrics, A/B testing, serving patterns, drift detection, and production best practices.

Implement n8n credential types including API key, OAuth2, and header-based authentication patterns. Use this skill when creating *.credentials.ts files, implementing ICredentialType interfaces, configuring OAuth2 flows, setting up credential testing, injecting authentication headers, or following credential security best practices. Apply when building any n8n node that requires API authentication, token management, or secure credential handling.

Create a 24-hour tactical market brief from the latest macro and financial news, covering equities, commodities, and macro/FX. Use when asked for a market brief, daily/24h outlook, short-term drivers, or a structured multi-asset summary with JST timestamps and strict short-line formatting.