skills.homes logoskills.homescapability registry
home/categories/testing-security
domain cluster

Testing & Security

QA, penetration testing, and code quality.

9326টি স্কিলall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
testing
8.1K

chaos-engineer

Designs chaos experiments, creates failure injection frameworks, and facilitates game day exercises for distributed systems — producing runbooks, experiment manifests, rollback procedures, and post-mortem templates. Use when designing chaos experiments, implementing failure injection frameworks, or conducting game day exercises. Invoke for chaos experiments, resilience testing, blast radius control, game days, antifragile systems, fault injection, Chaos Monkey, Litmus Chaos.

Jeffallan
Jeffallan
testing-security
open
testing
8.1K

playwright-expert

Use when writing E2E tests with Playwright, setting up test infrastructure, or debugging flaky browser tests. Invoke to write test scripts, create page objects, configure test fixtures, set up reporters, add CI integration, implement API mocking, or perform visual regression testing. Trigger terms: Playwright, E2E test, end-to-end, browser testing, automation, UI testing, visual testing, Page Object Model, test flakiness.

Jeffallan
Jeffallan
testing-security
open
security
8.1K

secure-code-guardian

Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing passwords with bcrypt/argon2, sanitizing SQL queries with parameterized statements, configuring CORS/CSP headers, validating input with Zod, and setting up JWT tokens. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention, secure session management, and security hardening. For pre-built OAuth/SSO integrations or standalone security audits, consider a more specialized skill.

Jeffallan
Jeffallan
testing-security
open
code-quality
8.1K

security-reviewer

Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews, dependency audits, secrets scanning, or compliance checks. Produces vulnerability reports, prioritized recommendations, and compliance checklists.

Jeffallan
Jeffallan
testing-security
open
testing
8.1K

test-master

Generates test files, creates mocking strategies, analyzes code coverage, designs test architectures, and produces test plans and defect reports across functional, performance, and security testing disciplines. Use when writing unit tests, integration tests, or E2E tests; creating test strategies or automation frameworks; analyzing coverage gaps; performance testing with k6 or Artillery; security testing with OWASP methods; debugging flaky tests; or working on QA, regression, test automation, quality gates, shift-left testing, or test maintenance.

Jeffallan
Jeffallan
testing-security
open
security
8K

webiny-admin-permissions

Admin-side permission UI registration and DI-backed permission checking. Use this skill when adding permission controls to the admin UI — schema-based auto-generated forms, injectable permissions via createPermissionsAbstraction/ createPermissionsFeature, typed hooks (createUsePermissions), the HasPermission component (createHasPermission), and the Security.Permissions component props. Covers both simple apps and complex multi-entity permission schemas.

webiny
webiny
testing-security
open
security
8K

webiny-configure-auth0

Configuring Auth0 as an identity provider (IDP) for Webiny projects. Use this skill when the developer asks about Auth0 authentication, Auth0 SSO, replacing Cognito with Auth0, setting up external identity providers, configuring OIDC authentication, mapping JWT claims to Webiny identities, or customizing the Auth0 login flow. Also relevant when asking about AUTH0_ISSUER, AUTH0_CLIENT_ID environment variables, Auth0IdpConfig, or the MyAuth0Extension pattern.

webiny
webiny
testing-security
open
security
8K

webiny-configure-okta

Configuring Okta as an identity provider (IDP) for Webiny projects. Use this skill when the developer asks about Okta authentication, Okta SSO, replacing Cognito with Okta, setting up external identity providers, configuring OIDC authentication, mapping JWT claims to Webiny identities, or customizing the Okta login flow. Also relevant when asking about OKTA_ISSUER, OKTA_CLIENT_ID environment variables, OktaIdpConfig, or the MyOktaExtension pattern.

webiny
webiny
testing-security
open
security
8K

webiny-api-security-catalog

API — Security & Auth — 53 abstractions. Authentication, API keys, roles, users, teams event handlers and use cases.

webiny
webiny
testing-security
open
testing
8K

tester

Use when running tests. Shows how to run tests for a single package, including OpenSearch (ddb-os) tests when applicable.

webiny
webiny
testing-security
open
code-quality
7.8K

code-review

Perform structured code reviews with actionable feedback. Use when a user asks to review code, check code quality, find bugs, audit security, improve performance, or assess maintainability. Trigger when user says things like "review this code", "check for bugs", "is this code secure", "any issues with this", "code quality check", or pastes code asking for feedback. Also trigger for pull request reviews and pre-merge code checks. Do NOT trigger for writing new code from scratch, refactoring requests without review context, or general programming questions.

Upsonic
Upsonic
testing-security
open
testing
7.8K

add-test

Scaffold a test for a Tailwind utility or Nativewind feature following the project's testing conventions.

nativewind
nativewind
testing-security
open
testing
7.5K

playwright-testing

Guide for writing, updating, and maintaining Playwright end-to-end tests for Podman Desktop using the project's Electron runner, custom fixtures, and Page Object Model hierarchy. Use when creating new E2E spec files, building or modifying page objects, updating the test framework or utilities, debugging test failures, adding smoke tests, or when the user asks about Playwright tests, test automation, spec files, page models, or the E2E test structure.

podman-desktop
podman-desktop
testing-security
open
code-quality
7.4K

dark-mode-check

Audit SCSS and TSX files for dark mode issues — missing variable usage, hardcoded colors, icon gaps, selector misuse, and inline dark overrides outside the theme folder

anyproto
anyproto
testing-security
open
Previous
Page 31 / 389
Next