testing▌

This skill provides expert guide for testing Spring Boot 4 applications with modern patterns and best practices.

Provide systematic methodologies for identifying and exploiting Insecure Direct Object Reference (IDOR) vulnerabilities in web applications. This skill covers both database object references and static file references, detection techniques using parameter manipulation and enumeration, exploitation via Burp Suite, and remediation strategies for securing applications against unauthorized access.

pentest-checklist

A comprehensive skill for browser automation and visual testing using Playwright MCP server integration. This skill enables rapid UI testing, visual regression detection, automated browser interactions, and cross-browser validation for modern web applications.

When running Playwright tests from Claude Code or any CLI agent, always use minimal reporters to prevent verbose output from consuming the context window.

Comprehensive testing framework for Flutter apps across unit, widget, and integration test layers. \n \n Covers three test categories: unit tests for isolated logic, widget tests for UI components, and integration tests for end-to-end flows on real devices or emulators \n Provides architectural testing patterns for ViewModels, Repositories, Services, and Views, with emphasis on Fake implementations over mocks for cleaner test design \n Includes plugin testing guidelines combining Dart tests with

Comprehensive testing specialist for functional, performance, and security test design and execution. \n \n Covers unit, integration, E2E, performance (k6, Artillery), and security testing (OWASP) with structured workflows from scope definition through reporting \n Enforces test quality standards: meaningful assertions, isolated dependencies, edge-case coverage, and flaky-test remediation \n Provides reference guides for TDD methodology, testing anti-patterns, automation frameworks, and QA pract

Go provides a robust built-in testing framework (testing package) that emphasizes simplicity and developer productivity. Combined with community tools like testify and gomock, Go testing enables comprehensive test coverage with minimal boilerplate.

Bypass bot detection and CAPTCHA triggers using rebrowser-playwright with stealth techniques. \n \n Uses real GPU rendering, removes WebDriver signatures, and patches fingerprinting vectors to pass bot detection tests like bot.sannysoft.com \n Requires headed mode ( headless: false ) and real Chrome browser ( channel: 'chrome' ) to be effective \n Includes addInitScript to remove navigator.webdriver property, the most common detection method \n For Python, recommends undetected-chromedriver over

Use this skill when: