Loading...
Loading...
Found 3,341 Skills
Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.
Find and own a defensible market position. Use when messaging sounds like competitors, conversion is weak despite awareness, repositioning a product, or testing positioning claims. Includes Crawl-Walk-Run rollout methodology and the word change that improved enterprise deal progression.
Portfolio management. Display of held securities, trade records, structural analysis. Input data foundation for stress testing.
Uses Microsoft RESTler to perform stateful REST API fuzzing by automatically generating and executing test sequences that exercise API endpoints, discover producer-consumer dependencies between requests, and find security and reliability bugs. The tester compiles an OpenAPI specification into a RESTler fuzzing grammar, configures authentication, runs test/fuzz-lean/fuzz modes, and analyzes results for 500 errors, authentication bypasses, resource leaks, and payload injection vulnerabilities. Activates for requests involving API fuzzing, RESTler testing, stateful API testing, or automated API security scanning.
Use this skill when performing exploratory data analysis, statistical testing, data visualization, or building predictive models. Triggers on EDA, pandas, matplotlib, seaborn, hypothesis testing, A/B test analysis, correlation, regression, feature engineering, and any task requiring data analysis or statistical inference.
Use this skill when working with PostHog - product analytics, web analytics, feature flags, A/B testing, experiments, session replay, error tracking, surveys, LLM observability, or data warehouse. Triggers on any PostHog-related task including capturing events, identifying users, evaluating feature flags, creating experiments, setting up surveys, tracking errors, and querying analytics data via the PostHog API or SDKs (posthog-js, posthog-node, posthog-python).
Use this skill when writing, reviewing, auditing, or deploying Solidity smart contracts. Triggers on Solidity development, smart contract security auditing, DeFi protocol patterns, gas optimization, ERC token standards, reentrancy prevention, flash loan attack mitigation, Foundry/Hardhat testing, and blockchain deployment. Covers Solidity, OpenZeppelin, EVM internals, and common vulnerability patterns.
Run a structured 5-day process to prototype, test, and validate product ideas with real users. Use when the user mentions "design sprint", "validate in a week", "rapid prototype", "test with users", or "de-risk before building". Covers mapping, sketching, deciding, prototyping, and testing. For ongoing experimentation, see lean-startup. For customer job analysis, see jobs-to-be-done. Trigger with 'design', 'sprint'.
Fast web browsing and web app testing for AI coding agents via persistent headless Chromium daemon. Browse any URL, read page content, click elements, fill forms, run JavaScript, take screenshots, inspect CSS/DOM, capture console/network logs, and more. Ideal for verifying local dev servers, testing UI changes, and validating web app behavior end-to-end. ~100ms per command after first call. Works with Claude Code, Cursor, Cline, Windsurf, and any agent that can run Bash. No MCP, no Chrome extension — just fast CLI.
Analyzes changed files and improves unit test coverage using project-specific testing conventions from .trellis/spec/ unit-test specs. Determines test scope (unit vs integration vs regression), adds or updates tests following existing patterns, and runs validation. Use when code changes need test coverage, after implementing a feature, after fixing a bug, or when test gaps are identified.
factory_boy test data generation specialist. Covers Factory, DjangoModelFactory, SQLAlchemyModelFactory, all field declarations (Faker, LazyAttribute, Sequence, SubFactory, RelatedFactory, post_generation, Trait, Maybe, Dict, List), batch creation, pytest integration, and Celery task testing patterns. USE WHEN: user mentions "factory_boy", "test factory", "DjangoModelFactory", "SQLAlchemyModelFactory", asks about "test data generation", "factory traits", "SubFactory", "factory fixtures". DO NOT USE FOR: pytest internals - use `pytest`; Django setup - use `pytest-django`; Hypothesis property testing - use `pytest` with Hypothesis
A valid skill with version field for testing