Testing & Security

Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes

ALWAYS use this skill when users ask to create, generate, or write UNIT TESTS for BigQuery SQL queries. Invoke proactively whenever the request includes "test" or "tests" with a query/table name. This skill is for unit testing ONLY (not data quality checks - use bigconfig-generator for Bigeye monitoring). Works with bigquery-etl-core skill to understand query patterns.

Use this skill when implementing, modifying, or fixing the admin dashboard (admin-dashboard-v2). Triggers for tasks involving dashboard UI, components, pages, features, hooks, or API integration. Orchestrates a rigorous QA workflow with PM review, use case writing, testing, and bug fixing cycles.

Kotlin/Spring Boot 백엔드 테스트 코드를 생성하는 스킬. 사용자가 "백엔드 테스트 작성해 줘", "서비스 테스트 만들어 줘", "컨트롤러 테스트 생성해 줘" 등의 요청을 할 때 사용합니다. JUnit 5, MockK, Spring Boot Test를 활용한 단위/통합 테스트를 생성합니다.

Review artifact scan results for reportable bug bounty findings. Analyzes archives, SQL dumps, binary databases, and source backups for secrets, code vulnerabilities, misconfigurations, and PII exposure. Focuses on high-confidence findings with clear security impact.

Test and debug webhook integrations on localhost using Hookdeck CLI. Use when developing webhook handlers, testing webhook delivery locally, debugging webhook failures, or setting up team webhook development workflows.

Generate adversarial inputs, edge cases, and boundary test payloads. Use when testing input robustness, finding edge case failures, or stress-testing LLM boundaries.

Master of defensive Bash scripting for production automation, CI/CD pipelines, and system utilities. Expert in safe, portable, and testable shell scripts. Use when writing, creating, authoring, generating, or developing bash scripts, shell scripts, or automation. Also triggers for learning bash best practices, understanding defensive programming patterns, implementing error handling, ensuring portability, following shellcheck recommendations, or applying production-grade bash standards. Helps with CI/CD scripts, system utilities, deployment automation, and production bash code.

Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes - four-phase framework (root cause investigation, pattern analysis, hypothesis testing, implementation) that ensures understanding before attempting solutions

Build async APIs with FastAPI, including endpoints, dependency injection, validation, and testing. Use when creating REST APIs, web backends, or microservices.

Comprehensive guide for building functional tools for LiveKit voice agents using the @function_tool decorator. Use when creating tools for LiveKit agents to enable capabilities like API calls, database queries, multi-agent coordination, or any external integrations. Covers tool design, RunContext handling, interruption patterns, parameter documentation, testing, and production best practices.

Ensure iOS/iPadOS-friendly form inputs (keyboard type, inputmode, autocomplete, autocapitalize/autocorrect, enterkeyhint) when editing or reviewing UI forms in web apps. Use when adding or modifying form fields (Svelte/HTML/TSX/etc.), auditing form UX, or fixing mobile Safari keyboard issues.

Use when implementing features, fixing bugs, or making code changes. Ensures scope is defined before coding, then enforces RED → GREEN → REFACTOR test discipline. Triggers: 'implement', 'add', 'build', 'create', 'fix', 'change', 'feature', 'bug'.

Use when user requests autonomous operation or AUTO_MODE. Guide through authorization and activation via policy discovery.

Generate comprehensive PySpark-based data quality validation tests for Databricks tables. Use when creating automated tests for data completeness, accuracy, consistency, and conformity, or when user mentions test generation, data validation, quality monitoring, or PySpark test frameworks.

Performs a fast, focused code review checking for common issues, security vulnerabilities, and best practices without over-engineering. Optimized for cost-efficiency by targeting specific concerns rather than broad exploration.

Install Kyverno, create validation policies, and understand audit vs enforce modes for Kubernetes admission control.

Automated code review assistance with AI-powered analysis, security scanning, performance analysis, and best practices enforcement.

Never test mock behavior. Never add test-only methods to production classes. Understand dependencies before mocking. Language-agnostic principles with TypeScript/Jest and Python/pytest examples.

COO 社交媒体运营技能，使用 Playwright MCP 实现小红书、抖音、微信公众号、视频号的自动化运营