home/categories/testing-security

domain cluster

Testing & Security

QA, penetration testing, and code quality.

9326 스킬all categories

sorting

stars

current ordering strategy

query

all entries

refine the visible subset

code-quality

2.7K

code-health

Scans the codebase for dead code, tech debt, outdated dependencies, and code quality issues. Delegates to the Centinela (QA) agent.

davepoon

testing-security

open

code-quality

2.7K

release-check

Pre-release verification checklist. Validates features, tests, docs, security, and quality gates before shipping. Delegates to the Centinela (QA) agent.

davepoon

testing-security

open

code-quality

2.7K

review-findings

Addresses and fixes findings from a QA code review. Reads the review report, fixes critical and warning issues, and prepares for re-verification. Delegates to the Forja (Dev) agent.

davepoon

testing-security

open

code-quality

2.7K

Deterministic Python-scored startup screening with full audit trail. Use when you need a reproducible, weighted-score verdict on a startup — not just a qualitative opinion. Triggered by: "/venture-capital-intelligence:hard-screening-startup", "hard screen this startup", "run a hard screen on X", "score this startup with Python", "give me an auditable screen", "run a scored evaluation on X", "give me a weighted score for this startup", "screen with numbers", "objective startup score", "reproducible screen", "investment scorecard for X", "score this company out of 100", "run the full screen on X". Claude Code only. Requires Python 3.x. For conversational soft-mode screening, use /venture-capital-intelligence:soft-screening-startup.

davepoon

testing-security

open

security

2.7K

security-audit

Deep security audit covering OWASP Top 10, authentication, authorization, data protection, dependency vulnerabilities, and secrets scanning. Delegates to the Centinela (QA) agent.

davepoon

testing-security

open

security

2.7K

aurakit

Sonnet Amplified fullstack engine. 34 modes, SEC-01~15 OWASP security, 13 runtime hooks, 75% token reduction. Install: npx @smorky85/aurakit

davepoon

testing-security

open

security

2.7K

coinpaprika-api

Access cryptocurrency market data from CoinPaprika: prices, tickers, OHLCV, exchanges, contract lookups for 12,000+ coins and 350+ exchanges. Free tier, no API key needed. Install MCP: add https://mcp.coinpaprika.com/sse as SSE server, or install plugin: /plugin marketplace add coinpaprika/claude-marketplace

davepoon

testing-security

open

security

2.7K

dexpaprika-api

Access DeFi data from DexPaprika: token prices, liquidity pools, OHLCV, transactions across 34+ blockchains and 30M+ pools. Free, no API key needed. Install MCP: add https://mcp.dexpaprika.com/sse as SSE server, or install plugin: /plugin marketplace add coinpaprika/claude-marketplace

davepoon

testing-security

open

security

2.7K

lobsterdomains

davepoon

testing-security

open

security

2.7K

security-guardrails

Adversarial defense layer for the mortgage plugin — protects against prompt injection, system prompt extraction, PII leakage, workflow bypass, and social engineering attacks.

davepoon

testing-security

open

testing

2.7K

testing

Testing strategies and methodologies including TDD, E2E testing, and multi-framework support

davepoon

testing-security

open

code-quality

2.7K

qa

Systematically QA test a web application and fix bugs found. Runs QA testing, then iteratively fixes bugs in source code, committing each fix atomically and re-verifying. Use when asked to "qa", "QA", "test this site", "find bugs", "test and fix", or "fix what's broken". Proactively suggest when the user says a feature is ready for testing or asks "does this work?". Three tiers: Quick (critical/high only), Standard (+ medium), Exhaustive (+ cosmetic). Produces before/after health scores, fix evidence, and a ship-readiness summary. For report-only mode, use /qa-only. (gstack) Voice triggers (speech-to-text aliases): "quality check", "test the app", "run QA".

garrytan

testing-security

open

code-quality

2.7K

review

Pre-landing PR review. Analyzes diff against the base branch for SQL safety, LLM trust boundary violations, conditional side effects, and other structural issues. Use when asked to "review this PR", "code review", "pre-landing review", or "check my diff". Proactively suggest when the user is about to merge or land code changes. (gstack)

garrytan

testing-security

open

code-quality

2.7K

desloppify

Multi-language codebase health scanner. Use when the user explicitly asks to run desloppify, scan for technical debt, get a health score, or create a cleanup plan. Do NOT trigger for general code review, renaming, or fixing individual bugs.

peteromallet

testing-security

open

testing

2.7K

qa-only

Report-only QA testing. Systematically tests a web application and produces a structured report with health score, screenshots, and repro steps — but never fixes anything. Use when asked to "just report bugs", "qa report only", or "test but don't fix". For the full test-fix-verify loop, use /qa instead. Proactively suggest when the user wants a bug report without any code changes. (gstack) Voice triggers (speech-to-text aliases): "bug report", "just check for bugs".

garrytan

testing-security

open

security

2.7K

test-rule

Run Automatus tests for a security rule

ComplianceAsCode

testing-security

open

testing

2.7K

run-tests

Run ctest validation tests on a built product

ComplianceAsCode

testing-security

open

code-quality

2.7K

checklist-runner

Generic checklist execution engine for any .md checklist. Use this skill when an agent needs to validate work against a checklist. Supports YOLO (autonomous) and interactive modes with pass/fail/partial verdicts.

SynkraAI

testing-security

open

code-quality

2.7K

coderabbit-review

Unified CodeRabbit CLI execution via WSL with self-healing loop. Use this skill when running automated code review before commits, PRs, or QA gates. Handles WSL wrapper, severity filtering, and auto-fix iterations.

SynkraAI

testing-security

open

testing

2.7K

vault-audit

Full 7-phase vault audit: structural scan, duplicate detection, link integrity, frontmatter audit, MOC review, cross-agent integration check, and health report. Triggers: EN: "weekly review", "check the vault", "vault audit", "full audit", "vault health". IT: "revisione settimanale", "controlla il vault", "audit del vault", "salute del vault". FR: "audit du vault", "vérifier le vault". ES: "auditoría del vault", "revisar el vault". DE: "Vault-Audit", "Vault überprüfen". PT: "auditoria do vault", "verificar o vault".

gnekt

testing-security

open

testing

2.6K

sanity-check

Run an E2E smoke test that installs agent-os packages from npm in an isolated temp project, spawns a Pi agent session, has it write a file and read it back with cat, then verifies the result. Use when the user asks to sanity check, smoke test, or verify the release works.

rivet-dev

testing-security

open

code-quality

2.6K

code-review

Reviews code diffs and files for security vulnerabilities (OWASP Top 10), error handling, complexity, naming conventions, and performance issues. Use when the user asks to review a PR, pull request, diff, merge request, or code changes.

open-gitagent

testing-security

open

code-quality

2.6K

code-change-verification

Run the mandatory verification stack when changes affect runtime code, tests, or build/test behavior in the OpenAI Agents JS monorepo.

openai

testing-security

open

testing

2.6K

test-coverage-improver

Improve test coverage in the OpenAI Agents JS monorepo: run `pnpm test:coverage`, inspect coverage artifacts, identify low-coverage files and branches, propose high-impact tests, and confirm with the user before writing tests.

openai

testing-security

open

Page 71 / 389