測試與安全

Analyze test coverage, identify gaps, detect dead code, and improve test quality. Use when user asks to check coverage, review tests, find untested code, or improve test robustness.

Application lifecycle audit worker (L3). Checks bootstrap initialization order, graceful shutdown, resource cleanup, signal handling, liveness/readiness probes. Returns findings with severity, location, effort, recommendations.

Design system templates and patterns for UI/UX briefs. Used by /majestic:ux-brief command.

Observability audit worker (L3). Checks structured logging, health check endpoints, metrics collection, request tracing, log levels. Returns findings with severity, location, effort, recommendations.

Creates test documentation (testing-strategy.md + tests/README.md). Establishes testing philosophy and Story-Level Test Task Pattern. L2 Worker in ln-100-documents-pipeline workflow.

Use when designing cloud architectures, planning migrations, or optimizing multi-cloud deployments. Invoke for Well-Architected Framework, cost optimization, disaster recovery, landing zones, security architecture, serverless design. Keywords: AWS, Azure, GCP, multi-cloud, cloud migration, cost optimization.

Performs systematic code review checking for correctness, maintainability, security, and best practices. Activates when user requests review, before creating PRs, or when significant code changes are ready. Ensures quality gates are met before code proceeds to production.

Use when developing WordPress themes, plugins, customizing Gutenberg blocks, implementing WooCommerce features, or optimizing WordPress performance and security.

Use when reviewing pull requests, conducting code quality audits, or identifying security vulnerabilities. Invoke for PR reviews, code quality checks, refactoring suggestions. Keywords: code review, PR review, quality, refactoring, best practices.

Test coverage analysis to ensure adequate testing, Storybook coverage, and test quality.

Dependency health analysis to detect outdated packages and unused dependencies.

Use when setting up monitoring systems, logging, metrics, tracing, or alerting. Invoke for dashboards, Prometheus/Grafana, load testing, profiling, capacity planning. Keywords: monitoring, observability, logging, metrics, tracing, alerting, Prometheus, Grafana.

Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews. Keywords: security review, vulnerability, SAST, audit, penetration testing, cloud security.

Use when building .NET 8 applications with minimal APIs, clean architecture, or cloud-native microservices. Invoke for Entity Framework Core, CQRS with MediatR, JWT authentication, AOT compilation. Keywords: .NET Core, .NET 8, ASP.NET Core, minimal API, EF Core, CQRS.

Analyzes events through political science lens using IR theory (Realism, Liberalism, Constructivism),comparative politics, institutional analysis, and power dynamics.Provides insights on governance, security, regime change, international cooperation, and policy outcomes.Use when: Political events, international crises, elections, regime transitions, policy changes, conflicts.Evaluates: Power distributions, institutional effects, actor interests, strategic interactions, norms.

Use when writing E2E tests with Playwright, setting up test infrastructure, or debugging flaky browser tests. Invoke for browser automation, E2E tests, Page Object Model, test flakiness, visual testing. Keywords: Playwright, E2E, browser testing, automation, Page Object.

Architecture dependency analysis to ensure proper feature isolation and composition root pattern.

API authentication patterns including JWT, OAuth 2.0, API keys, and session-based auth. Covers token generation, validation, refresh strategies, security best practices, and when to use each pattern. Use when implementing API authentication, choosing auth strategy, securing endpoints, or debugging auth issues. Prevents common vulnerabilities like token theft, replay attacks, and insecure storage.

Generates module specifications following amplihack's brick philosophy template.Use when creating new modules or documenting existing ones to ensure they followthe brick & studs pattern. Analyzes code to extract: purpose, public contract,dependencies, test requirements.

Use when designing chaos experiments, implementing failure injection frameworks, or conducting game day exercises. Invoke for chaos experiments, resilience testing, blast radius control, game days, antifragile systems.