Loading...
Loading...
Found 2,142 Skills
Move testing activities earlier in the development lifecycle to catch defects when they're cheapest to fix. Use when implementing TDD, CI/CD, or early quality practices.
Guides OT/ICS and SCADA cyber security—Purdue zones, IEC 62443 and NIST SP 800-82 (practitioner), OT asset inventory (PLCs, RTUs, HMIs, historians), secure remote access, OT patch/vuln management, ICS protocol monitoring (Modbus, DNP3, OPC, BACnet high level), safety-first IR, OT threat classes (TRITON, Industroyer), hardening roadmaps, IT/OT convergence. Use for OT program scope, ICS segmentation, OT vuln/patch, detection/IR playbooks, vendor remote access, IEC 62443 or NIST 800-82 gaps—not IT network pentest (network-pentester), web apps (web-pentester), HIL bench only (hardware-in-the-loop-security-tester), GRC only (compliance-specialist), SOC triage (soc-analyst), or IT IR without OT safety (incident-responder). Safety over aggressive testing; no unsafe live-plant steps.
Guides security assessment of embedded and cyber-physical systems on hardware-in-the-loop (HIL) test benches—bench setup, ECU/ECM or PLC targets, bus interfaces (CAN/CAN-FD, LIN, automotive Ethernet, Modbus at high level), fault injection and stimulus design, simulated plant/environment integration, attack-surface monitoring on real hardware, reproducible test cases, lab safety interlocks, and evidence capture for firmware and vehicle security teams. Use for HIL security testing, ECU security assessment, CAN bus security, PLC HIL test, fault injection lab, embedded hardware security—not web/API pentest (web-pentester), network-only pentest (network-pentester), malware/binary RE only (reverse-engineer), SOC operations (soc-analyst), AI red team (ai-redteam), classified ISSO paperwork (information-systems-security-officer-classified-specialist), or pure software CI without hardware (build-validator).
Full evaluation workflow - launch a run, watch progress, and summarize results. Use for end-to-end agent testing.
Implement database backup strategies. Configure automated backups, retention, and recovery testing. Use when designing backup and recovery procedures.
Comprehensive Android APK security analysis with static/dynamic testing, RASP detection, Frida instrumentation, and MASVS compliance scoring
Complete CI/CD guide for Cloudflare Workers using GitHub Actions and GitLab CI. Use for automated testing, deployment pipelines, preview environments, secrets management, or encountering deployment failures, workflow errors, environment configuration issues.
AI-powered penetration testing automation CLI using Google Gemini, Claude, or GPT-4 with LangChain for intelligent security assessments
Optimize Harness CI/CD pipeline performance via MCP. Configure parallel test execution with Test Intelligence, design multi-layer caching strategies, analyze pipeline bottlenecks with stage-level timing breakdowns, optimize cache hit rates, and design monorepo CI pipelines with selective builds. Use when asked to speed up pipelines, improve cache hit rates, set up parallel testing, optimize build times, or configure monorepo builds. Do NOT use for creating new pipelines (use create-pipeline instead) or debugging failures (use debug-pipeline instead). Trigger phrases: pipeline speed, slow pipeline, cache hit rate, parallel tests, test intelligence, build optimization, caching strategy, monorepo pipeline, pipeline bottleneck, build speed.
Conducts comprehensive network penetration tests against authorized target environments by performing host discovery, port scanning, service enumeration, vulnerability identification, and controlled exploitation to assess the security posture of network infrastructure. The tester follows PTES methodology from reconnaissance through post-exploitation and reporting. Activates for requests involving network pentest, infrastructure security assessment, internal network testing, or external perimeter testing.
Route agents to the right web access method only when built-in web access tools are unavailable or insufficient for the task. Use for public search/fetch, browser interaction, authenticated browsing, screenshots, web app testing, or Electron app control when built-in tools cannot handle the requirement.
Comprehensive ADMET (Absorption, Distribution, Metabolism, Excretion, Toxicity) profiling for drug candidates. Integrates ADMET-AI predictions, SwissADME drug-likeness, PubChemTox experimental toxicity, ChEMBL clinical data, Lipinski rule-of-five, and CYP interaction data. Use for drug-likeness assessment, BBB penetration, bioavailability, hepatotoxicity prediction, ADME/PK profiling, or screening compound libraries before lab testing.