testing▌

Conduct comprehensive security assessments of cloud infrastructure across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). This skill covers reconnaissance, authentication testing, resource enumeration, privilege escalation, data extraction, and persistence techniques for authorized cloud security engagements.

Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay, automated vulnerability scanning, and manual testing workflows. This skill enables systematic discovery and exploitation of web application vulnerabilities through proxy-based testing methodology.

Writes failing tests first, establishing a strict implementation contract for test-driven development. \n \n Completes the RED phase of TDD by authoring behavior-focused tests that fail for the right reason, then hands off to implementation agents with objective pass criteria \n Delegates test authoring to a tdd_test_writer subagent when available, ensuring tests remain unmodified during implementation \n Detects existing test frameworks and conventions (pytest, jest, vitest, go test, cargo test

Specialized workflow for testing web applications against OWASP Top 10 vulnerabilities including injection attacks, XSS, broken authentication, and access control issues.

Vite-native unit and integration testing framework with Jest-compatible API and parallel execution. \n \n Supports testing Vue, React, and Svelte components with configurable environments (Node, jsdom, or browser mode) \n Provides Jest-compatible API including describe/it blocks, hooks, fixtures, and globals configuration \n Includes comprehensive mocking capabilities: vi.fn for function mocks, vi.mock for module mocking, and timer/date utilities \n Offers code coverage thresholds, snapshot test

$23

Custom Playwright scripts for any browser automation task, with auto-detected dev servers and visible browser execution. \n \n Auto-detects running localhost servers; writes all test scripts to /tmp to avoid project clutter \n Supports responsive design testing, login flows, form filling, link validation, screenshots, and arbitrary browser interactions \n Includes helper utilities for safe element interactions, cookie handling, table data extraction, and custom HTTP headers \n Executes via run.j

Comprehensive Vue.js testing guidance covering unit, component, and end-to-end testing strategies. \n \n Addresses 11 common testing challenges including async handling, composable testing, Pinia store setup, Suspense components, and Teleport queries \n Recommends Vitest for unit and component testing infrastructure, with Playwright as the preferred E2E framework \n Covers black-box component testing patterns to reduce brittleness during refactoring, async/await synchronization, and snapshot tes

Terminal-driven browser automation with element snapshots and interactive UI workflows. \n \n Operates via playwright-cli wrapper script (requires npx ); supports headless and headed modes for visual debugging \n Core workflow: open page, snapshot for stable element references, interact using refs, re-snapshot after navigation or DOM changes \n Includes form filling, clicking, typing, multi-tab management, screenshot/PDF capture, and trace recording for flow debugging \n Element refs (e.g., e3 ,

Expert knowledge for testing HTTP APIs with Supertest (TypeScript/JavaScript) and httpx/pytest (Python).