Go-to-market planning and execution capabilities for product launches

Design and analyze surveys for product validation and user research

Allure test reporting framework for comprehensive test result visualization

Comprehensive API testing for REST and GraphQL endpoints with contract validation

Expert Cypress testing framework integration for browser-based end-to-end testing

Docker-based test environment management for isolated, reproducible test execution. Create Docker Compose environments, manage test containers, configure service dependencies, and integrate with CI/CD pipelines.

Expert Jest testing framework for JavaScript/TypeScript unit and integration testing

Deep integration with OWASP ZAP for automated security scanning, vulnerability detection, and API security testing. Execute spider/active scans, analyze alerts, generate security reports, and integrate with CI/CD pipelines.

Consumer-driven contract testing with Pact framework. Generate consumer contracts, configure Pact Broker publishing, execute provider verification, detect breaking changes, and integrate with CI/CD pipelines.

Deep integration with Playwright for browser automation and end-to-end testing

Expert pytest framework for Python unit, integration, and functional testing

Selenium WebDriver expertise for cross-browser automation and legacy system testing

Specialized skill for NVIDIA Isaac Sim photorealistic simulation and synthetic data generation

Compare API specifications to detect breaking changes. Compare OpenAPI spec versions, categorize changes by severity, generate migration guides, and block breaking changes in CI.

Generate CI/CD pipelines for SDK build and release

Multi-version, multi-platform SDK compatibility testing

Consumer-driven contract testing for SDK-API compatibility. Generate Pact consumer tests, verify provider contracts, configure Pact broker, and implement can-i-deploy checks.

Orchestrate multi-language SDK generation from OpenAPI specifications. Configure OpenAPI Generator per language, apply custom templates and post-processing, handle edge cases and custom extensions, and validate generated code compilation.

Automated OpenAPI specification generation from code annotations, comments, and interface definitions

Publish packages to language-specific registries

HTTP request/response debugging and inspection tools

Generate mock servers and clients for SDK testing

Analyze code changes and determine semantic version bumps. Detect breaking changes automatically, suggest version bump (major/minor/patch), generate changelog entries, and validate version consistency.

TypeScript SDK development with Node.js and browser support. Design SDK architecture, implement type-safe API clients, support ESM and CommonJS modules, and configure bundling for browsers.

Microsoft TypeSpec-based API and SDK generation

Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for sensitive data exposure, analyze security misconfigurations, and generate OWASP-compliant reports.

Static Application Security Testing orchestration and analysis. Execute Semgrep, Bandit, ESLint security plugins, CodeQL, and other SAST tools. Parse, prioritize, and deduplicate findings across multiple tools with remediation guidance.

Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor CI/CD logs for exposure, generate remediation steps, and track secret rotation status.

AI/ML model security testing and adversarial research capabilities. Generate adversarial examples, test model robustness, perform model extraction attacks, test for data poisoning, analyze model fairness, and support ART framework integration.

Web application security testing with Burp Suite integration

Multi-cloud security assessment and penetration testing capabilities. Execute Prowler/ScoutSuite assessments, analyze IAM policies, identify cloud misconfigurations, test permissions, and enumerate cloud resources across AWS/GCP/Azure.

Comprehensive fuzzing operations with AFL++, libFuzzer, and OSS-Fuzz integration

Digital forensics and incident response capabilities. Analyze memory dumps with Volatility, parse filesystem artifacts, extract browser forensics, analyze Windows event logs, create forensic timelines, recover deleted files, and generate forensic reports.

Android and iOS application security testing

Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage Docker-based analysis containers, and capture filesystem and process changes.

YARA rule creation, testing, and deployment

Specialized skill for processing Markdown and MDX documentation. Supports parsing, rendering, TOC generation, link validation, frontmatter processing, and diagram embedding.

Specialized skill for generating and validating OpenAPI 3.0/3.1 specifications. Supports code-first and spec-first approaches, schema inference, validation, and mock server generation.

Specialized skill for analyzing Terraform configurations. Supports parsing, security scanning (tfsec, checkov), cost estimation (infracost), drift detection, and plan visualization across AWS, Azure, and GCP.

Extract, validate, and test code samples in documentation. Verify syntax, execute samples, check outputs, validate imports, and ensure code samples are up-to-date with current APIs.

Documentation accessibility validation and remediation. Check WCAG 2.1 compliance, validate alt text, analyze heading hierarchy, verify color contrast, and generate accessibility reports.

JavaScript and TypeScript documentation generation using JSDoc and TSDoc. Parse source code, generate API documentation, validate coverage, and integrate with TypeDoc for comprehensive developer documentation.

Expert skill for OpenAPI/Swagger specification analysis, validation, and documentation generation. Parse and validate specs, detect breaking changes, generate code samples, and lint for best practices.

ReadMe.com platform integration for API documentation. Sync OpenAPI specs, manage versions, configure API reference settings, automate changelogs, and integrate with metrics dashboards.

Automated accessibility testing using axe-core API for WCAG compliance validation. Run accessibility scans, generate violation reports, suggest code fixes, and track accessibility debt.

Direct Figma API interactions for design asset management. Fetch files and components, extract design tokens, export images, manage comments, and access version history.

Visual regression testing through screenshot capture and comparison. Pixel-diff analysis, responsive screenshot capture across viewports, and visual change reporting with highlighted differences.

GitHub Actions for web app CI/CD, testing, and deployment.

Next.js specific patterns including App Router, React Server Components, Server Actions, streaming, caching, and Vercel deployment.

Playwright E2E testing, page objects, fixtures, visual regression, accessibility testing, and CI integration patterns.