Loading...
Loading...
Found 1,547 Skills
Verify statistics from raw data with methodology checking, significance testing, claim validation, and bias detection. Use when fact-checking statistical claims, validating research findings, or auditing data analysis.
This skill should be used when the user asks to "validate a finding", "check if a vulnerability is real", "triage a security finding", "confirm a vulnerability", "determine if a finding is a true positive or false positive", or provides a security finding for review. It validates security vulnerability findings by tracing data flows, verifying exploit conditions, analyzing security controls, and optionally testing attack vectors against a live application.
API security testing workflow for REST and GraphQL APIs covering authentication, authorization, rate limiting, input validation, and security best practices.
Set up uv (Rust-based Python package manager) in CI/CD pipelines. Use when configuring GitHub Actions workflows, GitLab CI/CD, Docker builds, or matrix testing across Python versions. Includes patterns for cache optimization, frozen lockfiles, multi-stage builds, and PyPI publishing with trusted publishing. Covers GitHub Actions setup-uv action, Docker multi-stage production/development builds, and deployment patterns.
How to test domain models effectively: value object testing (immutability, validation), entity testing (identity, business logic), domain exception testing, aggregate testing, high coverage patterns (95%+), and testing invariants and constraints. Use when: Testing domain layer code, validating value objects, testing entities with business logic, ensuring domain invariants, or achieving 95%+ coverage on domain models.
Testing use cases and application services: use case testing with mocked gateways, DTO testing, application exception testing, orchestration testing, mocking at adapter boundaries. Coverage target: 85-90%. Use when: Testing use cases, testing application services, testing DTOs and data transformation, testing error handling in use cases, mocking external dependencies at layer boundaries.
Provides Complete patterns for testing async Python code with pytest: pytest-asyncio configuration, AsyncMock usage, async fixtures, testing FastAPI with AsyncClient, testing Kafka async producers/consumers, event loop and cleanup patterns. Use when: Testing async functions, async use cases, FastAPI endpoints, async database operations, Kafka async clients, or any async/await code patterns.
Provides reflective questioning framework to challenge assumptions about work completeness, catching incomplete implementations before they're marked "done". Use before claiming features complete, before moving ADRs to completed status, during self-review, or when declaring work finished. Triggers on "is this really done", "self-review my work", "challenge my assumptions", "verify completeness", or proactively before marking tasks complete. Works with any type of implementation work. Enforces critical thinking about integration, testing, and execution proof.
Automates Chrome browser workflows for testing web apps, debugging with console/network logs, extracting data, filling forms, and interacting with authenticated web applications (Google Docs, Gmail, Notion). Use when testing local web apps, debugging frontend issues, automating data entry, scraping web content, or working with authenticated services. Triggers on "test my web app", "check the console", "fill this form", "extract data from [URL]", "automate [browser task]", "open [authenticated app]", or debugging web application issues. Works with Chrome via Claude in Chrome extension (MCP tools: navigate, click, form_input, read_console_messages, read_network_requests, tabs_context_mcp, gif_creator).
Creates and manages Cloudflare Access service tokens for automated infrastructure verification and non-human access. Use when setting up automation, verification scripts, monitoring systems, or need to test services without Google OAuth. Triggers on "create service token", "setup automation access", "verify without OAuth", "automated monitoring", or "service token for testing". Works with Cloudflare Access Service Auth, .env credential storage, and cf-service-token.sh script for testing and management.
Browser automation and testing using Vercel's agent-browser CLI with ref-based element targeting
Configures comprehensive testing in Gradle including JUnit 5, TestContainers, test separation (unit vs integration), and code coverage with JaCoCo. Use when asked to "set up JUnit 5", "configure TestContainers", "separate integration tests", or "add code coverage". Works with build.gradle.kts, test source sets, and CI/CD configurations.