Loading...
Loading...
Found 3,737 Skills
Evaluate and improve skills through measured testing. Run trigger evaluations to test whether skill descriptions cause correct activation, optimize descriptions via automated train/test loops, benchmark skill output quality with A/B comparisons, and validate skill structure. Use when user says "improve skill", "test skill triggers", "optimize description", "benchmark skill", "eval skill", or "skill quality". Do NOT use for creating new skills (use skill-creator-engineer).
Browser QA — Automated Visual Testing & Interaction
Spring Boot testing fundamentals including @SpringBootTest, slice tests, MockMvc, mocking with @MockBean, test configuration, and testing utilities. For integration tests with Testcontainers, see spring-boot-integration. USE WHEN: user mentions "spring boot test", "mockmvc", "@WebMvcTest", "@DataJpaTest", asks about "@SpringBootTest", "@MockBean", "spring test", "controller test", "repository test" DO NOT USE FOR: Unit tests - use `junit` with Mockito; Integration tests with real DB - use `spring-boot-integration`; REST API clients - use `rest-assured`; E2E tests - use Selenium
Generates Angular code and provides architectural guidance for existing Angular v19 projects. Trigger for best practices on reactivity (signals, linkedSignal, resource), forms, dependency injection, routing, animations, styling (component styles, Tailwind CSS), testing, or CLI tooling.
Patterns for using Testcontainers in .NET integration tests to spin up real dependencies like databases and message queues. Use when writing integration tests that require real databases, testing with message brokers like RabbitMQ or Kafka, or isolating test dependencies with Docker containers.
Use when writing or changing tests, adding mocks, or tempted to add test-only methods to production code - prevents testing mock behavior, production pollution with test-only methods, and mocking without understanding dependencies
OAuth and OIDC misconfiguration testing playbook. Use when reviewing redirect URI handling, state and nonce validation, PKCE, token audience, callback binding, and identity-provider trust flaws.
Clickjacking playbook. Use when testing whether target pages can be framed, whether X-Frame-Options or CSP frame-ancestors are properly configured, and whether UI redress attacks can trigger sensitive actions.
Entry P0 primary router for HackSkills. Use when the task involves web application testing, API security assessment, recon, vulnerability triage, exploit path planning, or choosing the right next category skill before any deep topic skill.
DNS rebinding attack playbook. Use when testing applications that trust DNS resolution for origin checks, interact with internal services from browser context, or when SSRF is not possible server-side but the target has client-side fetch/XHR to attacker-controlled domains.
Use when the user asks about chaos engineering, fault injection, resilience testing, or HA verification for a SPECIFIC AWS service (e.g., RDS, EKS, MSK, ElastiCache, DynamoDB, S3, Lambda, OpenSearch, etc.). Triggers on "chaos testing on [service]", "fault injection for [service]", "how to test HA of [service]", "FIS scenarios/actions for [service]", "[service] failover testing", "[service] resilience testing", "[service] 混沌测试", "[service] 故障注入", "[service] 高可用验证", "对 [service] 做混沌实验", "test my [service]", "verify my [service] is resilient". Use this skill even when the user phrases it casually like "test my RDS" or "how resilient is my MSK cluster".
Cointegration testing for pairs trading using Engle-Granger, Johansen, and rolling stability analysis