testify-tdd
Use this skill when writing Go tests with stretchr/testify, implementing TDD workflows, creating mocks, or organizing test suites. Covers assert vs require patterns, interface mocking, table-driven tests, and the red-green-refactor cycle.
implementation-verifier
Verify implementation completeness against spec and tasks. Use after implementation to ensure all tasks are complete, tests pass, and code meets quality standards before marking feature done.
testing-anti-patterns
Use when writing or changing tests, adding mocks, or tempted to add test-only methods to production code - prevents testing mock behavior and production pollution
pytest-advanced
Advanced pytest patterns including fixtures, markers, plugins, and async testing. Use when implementing test infrastructure, organizing test suites, using pytest plugins, or setting up complex test scenarios with fixtures and parametrization. Triggered by: pytest, fixtures, parametrize, conftest, test organization, async testing.
web3-testing
Test smart contracts comprehensively using Hardhat and Foundry with unit tests, integration tests, and mainnet forking. Use when testing Solidity contracts, setting up blockchain test suites, or validating DeFi protocols.
aztec-testing
Assists with testing Aztec smart contracts using the TestEnvironment. Use when writing unit tests, integration tests, or debugging test failures for Aztec contracts.
security-practices
Master secure development, OWASP top 10, testing, and compliance. Use when building secure systems, conducting security reviews, or implementing best practices.
kompliance-x
Performs intelligent compliance audits for software projects. Automatically detects which regulatory frameworks (GDPR, HIPAA, PCI-DSS, CCPA, SOC 2) apply based on project analysis and user context. Provides tiered reports with executive summaries and detailed technical findings. Use when the user asks about compliance, regulatory requirements, security standards, data protection, or wants to audit their codebase for legal/regulatory adherence.
aztec-e2e-testing
Generate Jest end-to-end tests for Aztec contracts with real network interaction. Use when writing integration tests, testing contract deployments, or validating full transaction flows.
security-assessment
Master security assessments with vulnerability scanning, penetration testing, security testing, and security audits.
test-planning
Master test planning with test strategies, test plans, scope definition, and comprehensive testing approaches.
prompt-evaluation
Prompt testing, metrics, and A/B testing frameworks
security-prompts-threat-modeling
Security analysis and threat modeling prompt templates for STRIDE analysis, code review, OWASP compliance, and vulnerability assessment. Use for security planning, pre-deployment reviews, and ongoing threat assessment. Triggers include "STRIDE", "threat model", "security review", "code review", "OWASP", "payment security", "security analysis", "vulnerability assessment".
classifying-review-findings
Classifies code review findings into severity categories (CRITICAL, IMPORTANT, DEBT, SUGGESTED, QUESTION) following Bitwarden standards. Use when determining severity levels, categorizing PR comments, deciding what emoji to use, or verifying if something should be flagged at all.
security-review
A specialist skill for security reviews, threat modeling, and remediation guidance. Use for auth/permissions changes, secrets or PII handling, public endpoints, or dependency upgrades.
test-design
Design comprehensive test strategies with risk-informed prioritization (P0/P1/P2), test levels (unit/integration/E2E), mock strategies, and CI/CD integration. Creates Given-When-Then scenarios for all acceptance criteria, develops mock strategies for external dependencies, and plans CI/CD execution stages. Use during task planning before implementation to ensure comprehensive test coverage.
qa-engineer
QA specialist agent for test planning, execution, and regression analysis
validate-test-reality
Meta-validation skill that generates edge cases, production scenarios, and reality gaps not covered by original specifications. Identifies specification-reality mismatches by analyzing what tests claim versus what production data reveals. Creates test deficiency reports showing coverage gaps for Quinn review. Use before quality gate approval to ensure tests reflect production reality, not just specification compliance.