Agent Skills

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-sensitive-data-exposure

Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-xxe-injection-vulnerabilities

Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.

io.github.latitude-dev/latitude-llm/testing

Writing or debugging tests, choosing unit vs integration style, Postgres/ClickHouse tests, regenerating ClickHouse test schema, or exporting test helpers from packages without pulling test code into production bundles.

io.github.tursodatabase/turso/testing

How to write tests, when to use each type of test, and how to run them. Contains information about conversion of `.test` to `.sqltest`, and how to write `.sqltest` and rust tests

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-xss-vulnerabilities-with-burpsuite

Identifying and validating cross-site scripting vulnerabilities using Burp Suite's scanner, intruder, and repeater tools during authorized security assessments.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-business-logic-vulnerabilities

Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.

io.github.openai/plugins/frontend-testing-debugging

Use when testing, debugging, or making targeted improvements to rendered frontend apps through the Build Web Apps or web dev plugin: local dev servers, UI regressions, interaction bugs, console errors, responsive layout, and visual QA. Check whether the Browser plugin is available and use it first when it is; otherwise use regular Playwright with the recorded reason.

io.github.PrefectHQ/fastmcp/python-tests

Write and evaluate effective Python tests using pytest. Use when writing tests, reviewing test code, debugging test failures, or improving test coverage. Covers test design, fixtures, parameterization, mocking, and async testing.

io.github.netalertx/NetAlertX/testing-workflow

Read before running tests. Detailed instructions for single, standard unit tests (fast), full suites (slow), handling authentication, and obtaining the API Token. Tests must be run when a job is complete.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-host-header-injection

Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-open-redirect-vulnerabilities

Identify and test open redirect vulnerabilities in web applications by analyzing URL redirection parameters, bypass techniques, and exploitation chains for phishing and token theft.

io.github.enso-org/enso/testing-and-evaluation

Instructions for changes verification. It's a mandatory read when 1. asked for running any kind of tests, or 2. Finished implementing a milestone - always after finishing a plan.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-xml-injection-vulnerabilities

Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-ransomware-recovery-procedures

Test and validate ransomware recovery procedures including backup restore operations, RTO/RPO target verification, recovery sequencing, and clean restore validation to ensure organizational resilience against destructive ransomware attacks.

io.github.elizaOS/eliza/browser-testing

VERIFY your changes work. Measure CLS, detect theme flicker, test visual stability, check performance. Use BEFORE and AFTER making changes to confirm fixes. Includes ready-to-run scripts: measure-cls.ts, detect-flicker.ts

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-email-header-injection

Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject additional email headers, modify recipients, and abuse contact forms for spam relay.

iOS Simulator Skill

v0.1.2

io.clawhub.tristanmanchester/ios-simulator

21 production-ready scripts for iOS app testing, building, and automation. Provides semantic UI navigation, build automation, accessibility testing, and simulator lifecycle management. Optimized for AI agents with minimal token output.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-for-json-web-token-vulnerabilities

Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.

io.github.sickn33/antigravity-awesome-skills/api-fuzzing-bug-bounty

Provide comprehensive techniques for testing REST, SOAP, and GraphQL APIs during bug bounty hunting and penetration testing engagements. Covers vulnerability discovery, authentication bypass, IDOR exploitation, and API-specific attack vectors.

io.github.huggingface/diffusers/parity-testing

Use when debugging or verifying numerical parity between pipeline implementations (e.g., research repo vs diffusers, standard vs modular). Also relevant when outputs look wrong — washed out, pixelated, or have visual artifacts — as these are usually parity bugs.

io.github.garrytan/gbrain/testing

Skill validation framework PLUS daily test-suite health and regression intelligence. Validates skill conformance (frontmatter, manifest coverage, resolver coverage). Runs the project test suite in tiered phases (unit / evals / integration / system health), classifies failures, and produces a regression-aware report.

io.github.mukul975/Anthropic-Cybersecurity-Skills/testing-api-for-broken-object-level-authorization

Tests REST and GraphQL APIs for Broken Object Level Authorization (BOLA/IDOR) vulnerabilities where an authenticated user can access or modify resources belonging to other users by manipulating object identifiers in API requests. The tester intercepts API calls, identifies object ID parameters (numeric IDs, UUIDs, slugs), and systematically replaces them with IDs belonging to other users to determine if the server enforces per-object authorization. This is OWASP API Security Top 10 2023 risk API1. Activates for requests involving BOLA testing, IDOR in APIs, object-level authorization testing, or API access control bypass.

io.github.bitwarden/ios/testing-ios-code

Write tests, add test coverage, unit test, or add missing tests for Bitwarden iOS. Use when asked to "write tests", "add test coverage", "test this", "unit test", "add tests for", "missing tests", or when creating test files for new implementations.

io.github.zebbern/claude-code-guide/api-fuzzing-bug-bounty

This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.