Testing & Security

Comprehensive guide to writing effective unit, integration, and end-to-end tests with modern testing frameworks

Prevent premature task completion by checking for parsing errors, execution failures, incomplete test results, and missing expected outputs. Acts as final quality gate before declaring tasks complete. Use proactively after major operations or when task success needs verification.

Write, test, and maintain Go code following idiomatic patterns, standard library conventions, and Go best practices. Use when working with Go/Golang projects, writing Go code, or reviewing Go implementations.

Working in isolated worktree directories for parallel work - work normally, tests isolated, orchestrator handles cleanup

Guide through GREEN phase - minimal implementation to pass test

生成多环境配置清单和dotenv模板文件，确保dev/test/staging/prod环境配置完整。当需要创建环境配置、生成.env.example模板、文档化测试框架setup、映射CI环境变量时使用。解决dotenv经常被忽视的痛点。

Automatically validates security best practices and prevents vulnerabilities

Guide developers through property-based testing including property definition, shrinking, and framework-specific implementation

Spring Boot 1�� `�tXX � L��@ �i L��| JUnit 5@ Mockito| ��X� �1X� ��. Controller, Service, Repository t�� \ L��| ��<\ �1Xp� �pt�i��.

Rigorous RL evaluation - statistical protocols, train/test discipline, metrics, generalization

Guide developers through mutation testing to assess and improve test suite quality

Expert skill for writing production-grade Python tests using pytest with modern fixtures, parametrization, and coverage integration.

Test development with pytest, fixtures, and mocking. Use for writing tests, test patterns, coverage, parametrization, and debugging test failures.

Comprehensive Python testing best practices, pytest conventions, test structure patterns (AAA, Given-When-Then), fixture usage, mocking strategies, code coverage standards, and common anti-patterns. Essential reference for code reviews, test writing, and ensuring high-quality Python test suites with pytest, unittest.mock, and pytest-cov.

Use telnet to interact with IoT device shells for pentesting operations including device enumeration, vulnerability discovery, credential testing, and post-exploitation. Use when the user needs to interact with network-accessible shells, IoT devices, or telnet services.

Python package management with poetry, pip, and uv including dependency resolution, lock files, version pinning, security audits (pip-audit, safety), virtual environments, and dependency graphs. Use when managing dependencies, resolving version conflicts, setting up new projects, or investigating security vulnerabilities in packages.

Implement comprehensive validation on both client and server sides with specific error messages and sanitization to prevent security vulnerabilities. When implementing form validation, input checking, or data sanitization. When working on API endpoints, form handlers, or data processing functions. When validating user input, business rules, or data integrity constraints. When implementing client-side validation for user experience or server-side validation for security. When checking data types, formats, ranges, or required fields. This skill applies to validation logic across all types of code files to ensure data integrity and security.

Guide for using pytest-mock plugin to write tests with mocking. Use when writing pytest tests that need mocking, patching, spying, or stubbing. Covers mocker fixture usage, patch methods, spy/stub patterns, and assertion helpers.

Write minimal, focused tests that cover core user flows and primary workflows without over-testing during development. Use this skill when deciding what to test, writing behavior-focused tests, naming test cases clearly, mocking external dependencies, or keeping tests fast. Apply when completing feature implementation and adding strategic tests, testing critical paths rather than edge cases, or deferring edge case testing to dedicated testing phases.

Validate design system consistency, check color usage, ensure dark mode coverage, verify Tailwind config sync. Use when checking design consistency, validating color tokens, ensuring dark mode works, auditing component styling, or maintaining the design system.