code-quality
3.2K
code-review
LLM-focused code review process for this repo: what to check, how to ground feedback in invariants/tests, and how to verify changes efficiently (including test-report.json).
atopile
testing-security
domain cluster
Testing & Security
QA, penetration testing, and code quality.
9326টি স্কিলall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
3.1K
serverpod-auth-module
Add Serverpod authentication — serverpod_auth_idp packages, initializeAuthServices, identity providers (Email, Google, Apple, etc.), Flutter sign-in UI, migrations. Use when adding authentication or a new social sign-in to a Serverpod project.
serverpod
testing-security
testing
3.1K
serverpod-testing
Test Serverpod endpoints and business logic — withServerpod, sessionBuilder, authentication, DB seeding, rollback, streams, running tests. Use when writing server tests or working with serverpod_test.
serverpod
testing-security
code-quality
3.1K
validate
Schema validation for notes. Checks against domain-specific templates. Validates required fields, enum values, description quality, and link health. Non-blocking — warns but doesn't prevent capture. Triggers on "/validate", "/validate [note]", "check schema", "validate note", "validate all".
agenticnotetaking
testing-security
code-quality
3.1K
verify
Combined verification — recite (description quality via cold-read prediction) + validate (schema compliance) + review (health checks). Use as a quality gate after creating notes or as periodic maintenance. Triggers on "/verify", "/verify [note]", "verify note quality", "check note health".
agenticnotetaking
testing-security
security
3.1K
idor-vulnerability-testing
This skill should be used when the user asks to "test for insecure direct object references," "find IDOR vulnerabilities," "exploit broken access control," "enumerate user IDs or object references," or "bypass authorization to access other users' data." It provides comprehensive guidance for detecting, exploiting, and remediating IDOR vulnerabilities in web applications.
zebbern
testing-security
code-quality
3.1K
review
Review code for quality, root cause analysis, and fix confidence. Supports PR review and local review of uncommitted/branch changes. Default mode is local (reviews current branch changes). Triggers on: review pr, review this pr, /review <pr_url>, /review local, /review, check bot pr quality.
brave
testing-security
code-quality
3.1K
verification-loop
This skill should be used when the user asks to "verify code", "run verification", "check quality", "validate changes", or before creating a PR. Provides comprehensive verification including build, type check, lint, tests, security scan, and diff review.
Galaxy-Dawn
testing-security
security
3.1K
validate-static-web-asset-change
Use this skill when you are implementing a change on src\StaticWebAssetsSdk and want to test the behavior locally to validate it works as expected.
dotnet
testing-security
testing
3.1K
author-swa-integration-test
Author end-to-end Static Web Assets integration tests that exercise MSBuild targets through build, publish, or pack. USE FOR: writing new SWA integration tests, choosing a test asset and base class, dynamically modifying projects at runtime, selecting the right manifest to assert on, verifying the full asset pipeline (primary, compressed, endpoints). DO NOT USE FOR: unit tests of individual tasks (write those directly), baseline regeneration (use swa-baseline-regeneration), troubleshooting failures (use swa-troubleshooting).
dotnet
testing-security
testing
3.1K
swa-baseline-regeneration
Regenerate Static Web Assets test baselines. USE FOR: fixing "generated manifest should match the expected baseline" errors, updating baseline JSON files after legitimate build output changes, understanding the baseline comparison system.
dotnet
testing-security
testing
3.1K
swa-pack-format
Understand and fix Static Web Assets Pack tests. USE FOR: fixing Pack test assertion failures after nupkg content changes, tracing MSBuild conditions to expected nupkg content, updating test assertions for new or changed package layouts, understanding conditional pack logic in .targets files.
dotnet
testing-security
testing
3.1K
swa-troubleshooting
Diagnose and fix common Static Web Assets test and build failures. USE FOR: analyzing CI failures, identifying root cause categories from error messages, fixing metadata propagation bugs, timing/ordering issues in MSBuild targets, test assertion mismatches.
dotnet
testing-security
code-quality
3.1K
typst-writing-document
Use when authoring or validating Typst documents from canonical grammar examples, especially when you need compile, HTML, or SVG-based validation workflows.
Myriad-Dreamin
testing-security
testing
3.1K
migrate-tsed-functional-api
Migrate Ts.ED files from decorators to functional APIs for files passed in context, then run package typechecking and associated tests.
tsedio
testing-security
testing
3.1K
write-vuex-unit-test
Vuex storeの単体テストを生成。mutation/action/getterのテスト作成時に使用。
VOICEVOX
testing-security
testing
3.1K
kiro-review
Review a task implementation against approved specs, task boundaries, and verification evidence. Use after an implementer finishes a task, after remediation, or before accepting a task as complete.
gotalab
testing-security
testing
3.1K
kiro-validate-impl
Validate feature-level integration after all tasks are implemented. Checks cross-task consistency, full test suite, and overall spec coverage.
gotalab
testing-security
testing
3.1K
kiro-verify-completion
Verify completion and success claims with fresh evidence. Use before claiming a task is complete, a fix works, tests pass, or a feature is ready for GO.
gotalab
testing-security
testing
3.1K
kiro-review
Review a task implementation against approved specs, task boundaries, and verification evidence. Use after an implementer finishes a task, after remediation, or before accepting a task as complete.
gotalab
testing-security