This skill should be used when the user asks to "test JWT security", "hack JWT tokens", "bypass JWT authentication", "crack JWT secrets", or "exploit JWT vulnerabilities". It provides comprehensive JSON Web Token attack techniques and security assessment methodologies.
Comprehensive authentication implementation guidance including JWT best practices, OAuth 2.0/OIDC flows, Passkeys/FIDO2/WebAuthn, MFA patterns, and secure session management. Use when implementing login systems, token-based auth, SSO, passwordless authentication, or reviewing authentication security.
Comprehensive cryptography guidance covering encryption algorithms, password hashing, TLS configuration, key management, and post-quantum considerations. Use when implementing encryption, choosing hashing algorithms, configuring TLS/SSL, managing cryptographic keys, or reviewing cryptographic implementations.
Gets, checks, and verifies the current UTC date and time for unambiguous temporal reference. Use when starting tasks, verifying temporal context, ensuring date awareness before time-sensitive operations, or when incorrect date assumptions are detected.
This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.
Security audit for changes touching secrets, services, terraform, or hosts.
Analyze, test, and prepare apps for production with Pest and Playwright testing
Create test cases for functions and modules. Use when implementing TDD or improving coverage.
Run Mojo tests using mojo test command. Use when executing tests or verifying test coverage.
Implement semantic theories and Python/Z3 code with TDD. Invoke for Python-language implementation tasks.
Plan integration tests across modules or services. Use when a mid-level developer needs to verify system interactions.
Design performance test strategies including load profiles, capacity planning, SLA validation, and .NET performance testing with NBomber and k6.
Create comprehensive E2E test plans with deep application analysis, navigation coverage audit, and browser-testable scenarios
Execute complete user flow testing with Playwright MCP, testing end-to-end journeys through the application
Set up test validation commands for any project type. Use when configuring test runners, setting up validation commands for a new project, or enabling closed-loop agent workflows.
Systematically test all pages for errors, functionality, and proper rendering using Playwright MCP
Generate starter unit tests for a small function or module. Use when a junior developer needs test scaffolding and edge cases.
A test skill for validating npm-agentskills functionality
Generate Vitest + React Testing Library tests for Dify frontend components, hooks, and utilities. Triggers on testing, spec files, coverage, Vitest, RTL, unit tests, integration tests, or write/review test requests.
Apply systematic test case design techniques including equivalence partitioning, boundary value analysis, decision tables, and state transition testing.
Create comprehensive test strategy documents following IEEE 829 structure. Plan test approach, scope, resources, and success criteria for software projects.
Execute comprehensive role-based E2E testing with Playwright, testing all user flows for each role
Set up Pest testing with Orchestra Testbench for Laravel packages
