Loading...
Loading...
Found 60 Skills
Use Fusion DevTools CLI (fdev) for API testing, token acquisition, service discovery, and person lookup during development. USE FOR: calling Fusion REST APIs, getting access tokens as JSON, discovering services and environments, resolving persons, PIM role activation. DO NOT USE FOR: modifying backend service code, deploying services, infrastructure changes, CI/CD pipeline configuration, or Service Bus operations.
Use when running tests to validate implementations, collecting test evidence, or debugging failures. Load in TEST state. Covers unit tests (pytest/jest), API tests (curl), browser tests (Claude-in-Chrome), database verification. All results are code-verified, not LLM-judged.
Use when Django REST Framework for building APIs with serializers, viewsets, and authentication. Use when creating RESTful APIs.
Smoke test for alicloud-ai-search-milvus. Validate minimal authentication, API reachability, and one read-only query path.
REST Assured Java library for testing REST APIs. Covers HTTP requests, JSON/XML validation, and Spring Boot integration. USE WHEN: user mentions "rest assured", "api test java", "rest api test", asks about "given when then", "RestAssured", "HTTP test", "JSON validation" DO NOT USE FOR: Unit tests - use `junit`; E2E browser tests - use Selenium; WebSocket testing - use dedicated tools; Non-Java projects - use language-specific HTTP clients
Guideline for designing, implementing, and verifying secure APIs following OWASP API Security Top 10 (2023) best practices. Use when the user wants to: (1) review API code or design for security vulnerabilities, (2) design a secure REST, GraphQL, or gRPC API architecture, (3) implement API authentication and authorization (OAuth2, JWT, API keys, mTLS), (4) configure rate limiting, input validation, or CORS, (5) audit API endpoints for BOLA, BFLA, or mass assignment vulnerabilities, (6) create API security checklists or verification plans, (7) fix API security bugs or harden existing APIs, (8) set up API security testing (OWASP ZAP, Schemathesis, Burp Suite), or (9) handle any API security concern including SSRF prevention, resource consumption limits, business flow protection, API inventory management, and secure third-party API consumption.
Expert-level quality assurance, testing strategies, automation, and QA processes
Battle-tested Playwright patterns for E2E, API, component, visual, accessibility, and security testing. Covers locators, assertions, fixtures, network mocking, auth flows, debugging, and framework recipes for React, Next.js, Vue, and Angular. TypeScript and JavaScript.
Smoke test for alicloud-ai-entry-modelstudio-test. Validate minimal authentication, API reachability, and one read-only query path.
Use when writing E2E tests with Playwright, setting up test infrastructure, debugging flaky browser tests, organizing project structure, or testing REST APIs. Invoke for browser automation, E2E tests, Page Object Model, test flakiness, visual testing, project scaffolding, folder layout, API testing, JSON schema validation.
Generates Bruno collection files (.bru) from Express, Next.js, Fastify, or other API routes. Creates organized collections with environments, authentication, and folder structure for the open-source Bruno API client. Use when users request "generate bruno collection", "bruno api testing", "create bru files", or "bruno import".
k6 load testing tool. Use for performance testing.