Testing

by intuitem

Guide users through a basic risk assessment workflow in CISO Assistant, from asset identification to scenario creation. Use when:(1) User wants to start a risk assessment from scratch(2) User mentions "risk assessment", "identify risks", "threat scenarios", or "risk register"(3) User asks about qualitative vs quantitative risk approaches(4) User needs help identifying assets, threats, or creating risk scenariosCovers: risk approach selection (qualitative/quantitative), organizational context gathering, asset identification (primary/supporting), threat catalog usage, scenario generation from threat-asset combinations, risk assessment/study creation.

by parcadei

Find unused functions and dead code in the codebase

by clawdbot

Capture frames or clips from RTSP/ONVIF cameras.

by AnySoftKeyboard

Create and run unit tests following the project's architecture and guidelines (Robolectric, naming, location).

by storj

Run unit tests that require the Spanner emulator. Use this skill when the user wants to run tests in packages like satellite/metabase, satellite/metainfo, or any other tests that interact with Spanner. Automatically handles checking for and configuring the Spanner emulator environment.

by zebbern

This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater", "analyze HTTP history", or "configure proxy for web testing". It provides comprehensive guidance for using Burp Suite's core features for web application security testing.

by zebbern

This skill should be used when the user asks to "test for HTML injection", "inject HTML into web pages", "perform HTML injection attacks", "deface web applications", or "test content injection vulnerabilities". It provides comprehensive HTML injection attack techniques and testing methodologies.

by zebbern

This skill should be used when the user asks to "set up a web server", "configure HTTP or HTTPS", "perform SNMP enumeration", "configure SMB shares", "test network services", or needs guidance on configuring and testing network services for penetration testing labs.

by trailofbits

Burp Suite Professional is an HTTP interception proxy with numerous security testing features. Use when testing web applications for security vulnerabilities.

by trailofbits

Guide you through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas. (project, gitignored)

by parcadei

A complete skill for E2E testing

by parcadei

Metacognitive check-ins during problem solving - detects when to pivot or persist

by parcadei

Release preparation workflow - security audit → E2E tests → review → changelog → docs

by parcadei

Test-driven development workflow with philosophy guide - plan → write tests → implement → validate

by parcadei

Comprehensive testing workflow - unit tests ∥ integration tests → E2E tests

by exceptionless

by exceptionless

by exceptionless

by exceptionless

by useautumn

Create and maintain API version changes. Use when adding breaking changes to API responses/requests, creating version change files, transforming data between versions, or handling backward compatibility.

by openai

Run the integration-tests pipeline that depends on a local npm registry (Verdaccio). Use when asked to execute integration tests or local publish workflows in this repo.

by openai

Keep pnpm current: run pnpm self-update/corepack prepare, align packageManager in package.json, and bump pnpm/action-setup + pinned pnpm versions in .github/workflows to the latest release. Use this when refreshing the pnpm toolchain manually or in automation.

by facet-rs

Systematic workflow for debugging by reproducing bugs with real data, reducing test cases to minimal examples, and adding regression tests

by OneKeyHQ

OneKey monorepo architecture, project structure, package relationships, and import hierarchy rules.

by OneKeyHQ

Date and time formatting — use OneKey dateUtils (formatDate/formatTime) instead of native JS date methods.

by OneKeyHQ

Creates test version branches for testing app upgrade functionality. Use when preparing upgrade test builds, testing version migration, or when the user mentions test version, 9005.x.x version numbers, upgrade testing, or version upgrade QA. Automates branch creation, version bumping, and build number hardcoding for upgrade flow verification.

by OneKeyHQ

Filters specific errors from Sentry reporting in this OneKey monorepo. Use when needing to ignore/suppress/filter Sentry errors, add error exclusions, or stop certain errors from being reported. Handles platform-specific filtering (desktop/mobile/web/extension).

by amilich

Generate sprite sheet images for the isometric city game using the GenerateImage tool. Use when creating new game assets, sprite sheets, vehicle sprites, building sprites, or any visual assets for the isometric city builder. Ensures consistent format, sizing, and isometric projections.

by mikeyobrien

EvalKit is a conversational evaluation framework for AI agents that guides you through creating robust evaluations using the Strands Evals SDK. Through natural conversation, you can plan evaluations, generate test data, execute evaluations, and analyze results.

by mikeyobrien

Lists all code tasks in the repository with their status, dates, and metadata. Useful for getting an overview of pending work or finding specific tasks.

by jar-analyzer

基于 jar-analyzer（SQLite + 内置 MCP）的证据驱动 Java 安全审计技能。核心目标：把“结论”变成“可复现证据 + 可度量覆盖率”。

by heyitsnoah

Work with git worktrees for isolated parallel development. Use when starting feature work in isolation, when need separate workspace without branch switching, or when cleaning up worktrees after PR merge.

by heyitsnoah

ALWAYS use before attempting any fix. Never jump to solutions - investigate root cause first. Use when encountering any technical issue, bug, test failure, or unexpected behavior.

by filipstrand

Port ML models into mflux/MLX with correctness-first validation, then refactor toward mflux style.

by blader

Detect and resolve TypeScript/JavaScript circular import dependencies. Use when:(1) "Cannot access 'X' before initialization" at runtime, (2) Import returns undefined unexpectedly, (3) "ReferenceError: Cannot access X before initialization",(4) Type errors that disappear when you change import order, (5) Jest/Vitest tests fail with undefined imports that work in browser.

by recyclarr

Testing patterns, infrastructure, fixtures, and debugging for unit, integration, and E2E tests

by mrgoonie

Systematic debugging frameworks for finding and fixing bugs - includes root cause analysis, defense-in-depth validation, and verification protocols

by mrgoonie

Creative problem-solving techniques for breaking through stuck points - includes collision-zone thinking, inversion, pattern recognition, and simplification

by quran

../../../.agents/quran/skills/test-plan/SKILL.md

by filipstrand

Prepare a release in mflux (version bump, changelog, uv lock) without tagging/publishing.

by filipstrand

Run tests in mflux (fast/slow/full), preserve image outputs, and handle golden image diffs safely.

by cexll

This skill should be used when generating comprehensive test cases from PRD documents or user requirements. Triggers when users request test case generation, QA planning, test scenario creation, or need structured test documentation. Produces detailed test cases covering functional, edge case, error handling, and state transition scenarios.

by letta-ai

Guide for adding new LLM models to Letta Code. Use when the user wants to add support for a new model, needs to know valid model handles, or wants to update the model configuration. Covers models.json configuration, CI test matrix, and handle validation.

by letta-ai

Find other agents on the same server. Use when the user asks about other agents, wants to migrate memory from another agent, or needs to find an agent by name or tags.

by leonvanzyl

Convert GSD codebase mapping to Autocoder app_spec.txt. This skill should be used whenthe user has run /gsd:map-codebase and wants to use Autocoder on an existing project.Triggers: "convert to autocoder", "gsd to spec", "create app_spec from codebase","use autocoder on existing project", after /gsd:map-codebase completion.

by TheOrcDev

Patterns for game-like interfaces - health bars, XP bars, mana bars. Apply when building RPG/retro gaming UI components with state-driven visuals.

by TheOrcDev

Use early returns to avoid unnecessary computation in loops and functions. Apply when processing arrays, validating input, or checking multiple conditions where the result can be determined before all iterations complete.

by TheOrcDev

Hoist RegExp creation outside render or memoize with useMemo(). Apply when using regular expressions in React components or frequently called functions.

by TheOrcDev

Register components in registry.json for shadcn/ui add command. Apply when adding new 8-bit components to the component library.

by TheOrcDev

Wrap animated SVG elements in a div to enable hardware acceleration. Apply when animating SVG icons or elements, especially in 8-bit retro components with pixel art animations.

by TheOrcDev

Extract static JSX elements outside components to avoid re-creation on every render. Apply when rendering static elements repeatedly or in lists.

by TheOrcDev

Organize 8-bit CSS with custom properties, pixel fonts, and responsive pixel art. Apply when creating or modifying retro-styled components and their CSS.

by revokslab

Remove AI code slop

by leochlon

Iterative root-cause + fix agent workflow that gathers evidence (code/logs/tests/web), verifies the primary ROOT_CAUSE claim with Strawberry's detect_hallucination/audit_trace_budget, implements a fix, runs a test plan, checks for new failure modes, and loops until the fix actually works.

by pchalasani

This skill should be used when the agent needs to give a spoken voice update to the user, or when reminded by a Stop hook to provide audio feedback. Use this skill to speak a short summary of what was accomplished.

by jeremylongshore

Apply Apollo.io API security best practices.Use when securing Apollo integrations, managing API keys,or implementing secure data handling.Trigger with phrases like "apollo security", "secure apollo api","apollo api key security", "apollo data protection".

by jeremylongshore

This skill enables automated testing of mobile applications on iOS and Android platforms using frameworks like Appium, Detox, XCUITest, and Espresso. It generates end-to-end tests, sets up page object models, and handles platform-specific elements. Use this skill when the user requests mobile app testing, test automation for iOS or Android, or needs assistance with setting up device farms and simulators. The skill is triggered by terms like "mobile testing", "appium", "detox", "xcuitest", "espresso", "android test", "ios test".

by jeremylongshore

This skill enables Claude to design and execute chaos engineering experiments to test system resilience. It is used when the user requests help with failure injection, latency simulation, resource exhaustion testing, or resilience validation. The skill is triggered by discussions of chaos experiments (GameDays), failure injection strategies, resilience testing, and validation of recovery mechanisms like circuit breakers and retry logic. It leverages tools like Chaos Mesh, Gremlin, Toxiproxy, and AWS FIS to simulate real-world failures and assess system behavior.

by jeremylongshore

This skill enables Claude to orchestrate complex test workflows using the test-orchestrator plugin. It allows Claude to define test execution graphs with dependencies, execute tests in parallel, and intelligently select tests to run based on code changes. Use this skill when a user requests test orchestration, dependency management for tests, parallel test execution, smart test selection, or CI/CD integration for testing. Trigger terms include "orchestrate tests", "test workflow", "parallel testing", "smart test selection", "test dependencies", and "/orchestrate".

by jeremylongshore

This skill enables Claude to design, execute, and analyze performance tests using the performance-test-suite plugin. It is activated when the user requests load testing, stress testing, spike testing, or endurance testing, and when discussing performance metrics such as response time, throughput, and error rates. It identifies performance bottlenecks related to CPU, memory, database, or network issues. The plugin provides comprehensive reporting, including percentiles, graphs, and recommendations.

by jeremylongshore

This skill enables Claude to execute visual regression tests using tools like Percy, Chromatic, and BackstopJS. It captures screenshots, compares them against baselines, and analyzes visual differences to identify unintended UI changes. Use this skill when the user requests visual testing, UI change verification, or regression testing for a web application or component. Trigger phrases include "visual test," "UI regression," "check visual changes," or "/visual-test".

by hashintel

HashQL testing strategies including compiletest (UI tests), unit tests, and snapshot tests. Use when writing tests for HashQL code, using //~ annotations, running --bless, debugging test failures, or choosing the right testing approach.

by mitsuhiko

Fetch and analyze Sentry issues, events, transactions, and logs. Helps agents debug errors, find root causes, and understand what happened at specific times.

by catlog22

Transform vague prompts into actionable specs using intelligent analysis and session memory. Use when user input contains -e or --enhance flag.

by bfly123

Fetch the latest reply from Gemini (shorthand: g/gm) via the `gpend` CLI. Use only when the user explicitly asks to view the Gemini/gm reply/response (e.g. "看下 g 回复/输出"); do not run proactively after `gask` unless requested.

by bfly123

Fetch the latest reply from OpenCode (shorthand: oc) storage via the `opend` CLI. Use only when the user explicitly asks to view the OpenCode/oc reply/response (e.g. "看下 oc 回复/输出"); do not run proactively after `oask` unless requested.

by bfly123

Test connectivity with OpenCode (shorthand: oc) via the `oping` CLI. Use when the user explicitly asks to check OpenCode/oc status/connection (e.g. "oc ping", "oc 还活着吗", "OpenCode 连上没"), troubleshoot OpenCode not responding, or verify `ccb up opencode` succeeded.

by vitorpamplona

Advanced Kotlin coroutines patterns for AmethystMultiplatform. Use when working with: (1) Structured concurrency (supervisorScope, coroutineScope), (2) Advanced Flow operators (flatMapLatest, combine, merge, shareIn, stateIn), (3) Channels and callbackFlow, (4) Dispatcher management and context switching, (5) Exception handling (CoroutineExceptionHandler, SupervisorJob), (6) Testing async code (runTest, Turbine), (7) Nostr relay connection pools and subscriptions, (8) Backpressure handling in event streams. Delegates to kotlin-expert for basic StateFlow/SharedFlow patterns. Complements nostr-expert for relay communication.

by mrgoonie

Force unrelated concepts together to discover emergent properties - "What if we treated X like Y?

by mrgoonie

Test at extremes (1000x bigger/smaller, instant/year-long) to expose fundamental truths hidden at normal scales

by mrgoonie

Four-phase debugging framework that ensures root cause investigation before attempting fixes. Never jump to solutions.

by lackeyjb

Complete browser automation with Playwright. Auto-detects dev servers, writes clean test scripts to /tmp. Test pages, fill forms, take screenshots, check responsive design, validate UX, test login flows, check links, automate any browser task. Use when user wants to test websites, automate browser interactions, validate web functionality, or perform any browser-based testing.