Apply comprehensive API testing patterns including contract testing, REST/GraphQL testing, and integration testing. Use when testing APIs, microservices, or designing API test strategies.
Consumer-driven contract testing for microservices using Pact, schema validation, API versioning, and backward compatibility testing. Use when testing API contracts, preventing breaking changes, or coordinating distributed teams.
Conduct context-driven code reviews focusing on quality, testability, and maintainability. Use when reviewing code, providing feedback, or establishing review practices.
A skill to integrate better-auth. And auth framework for TypeScript projects.
Clarify requirements before implementing. Do not use automatically, only when invoked explicitly.
A skill to create auth service for new applications.
Test for security vulnerabilities using OWASP principles and security testing techniques. Use when conducting security audits, testing authentication/authorization, or implementing security practices.
Build effective test automation strategy using the test pyramid and practical patterns. Use when planning automation approach, selecting tools, or optimizing test suites.
Cross-browser, cross-platform, and cross-device compatibility testing ensuring consistent experience across environments. Use when validating browser support, testing responsive design, or ensuring platform compatibility.
Systematic test design with boundary value analysis, equivalence partitioning, decision tables, state transition testing, and combinatorial testing. Use when designing comprehensive test cases, reducing redundant tests, or ensuring systematic coverage.
Testing workflows for Send app. Use when running tests, debugging test failures, or setting up test infrastructure. Covers Jest (packages), pgTAP (Supabase), and Playwright (E2E).
Apply both London and Chicago school TDD approaches. Use when practicing test-driven development, understanding different TDD philosophies, or choosing the right testing style for your context.
Standard validation checklist to prove a security fix works and doesn’t regress behavior.
Workflow for preventing secret leaks and sensitive logging (PII/credentials) and adding redaction defaults.
Process for tightening input validation, canonicalization, and safe parsing to prevent injection and logic abuse.
Security best practices including CSP, XSS prevention, input validation, and secrets management. Use when reviewing security or hardening applications.
Ensures all commit messages and PR titles follow the Conventional Commits specification.
Acts as a strict but helpful senior engineer, reviewing code for architectural soundness, maintainability, and SOLID principles.
Detects code smells, anti-patterns, and debugging issues. Use when: fixing bugs, reviewing code quality, or refactoring.
Applies coding standards for clean, maintainable code. Use when: writing functions, handling errors, refactoring, or reviewing code style.
A skill that helps review code for best practices, bugs, and security issues
Comprehensive OAuth2 authentication skill covering authorization flows, token management, PKCE, OpenID Connect, and security best practices for modern authentication systems
