QA Skills for Windsurf

Jest unit testing patterns with mocking, spies, snapshots, and async testing

Cypress end-to-end testing with custom commands, intercepts, and component testing

User-centric React component testing with queries, events, and async utilities

Browser automation tool by Vercel Labs enabling programmatic web interaction. Navigate URLs, capture interactive elements with refs, fill forms, take screenshots, generate PDFs, and run parallel sessions.

Blazing fast Vite-native unit testing with Jest-compatible API and ESM support

Python testing with pytest fixtures, parametrize, markers, and plugins

Headless Chrome automation with Puppeteer for web scraping, PDF generation, and E2E testing

Automated performance, accessibility, and SEO auditing with Google Lighthouse

Modern load testing with k6 including thresholds, scenarios, and custom metrics

Mock Service Worker for seamless API mocking in browser and Node.js environments

API testing with Playwright APIRequestContext for REST and GraphQL endpoints

Official Vue.js testing utilities for component mounting, mocking, and assertions

Track test coverage with Istanbul/nyc, generate reports, and enforce thresholds

Test React, Vue, and Angular components in isolation with Storybook interactions and play functions

Configure testing in CI/CD pipelines for GitHub Actions, Jenkins, and GitLab CI

Production-grade REST API automation framework with REST Assured, POJO serialization using GSON, PayloadManager pattern, E2E integration workflows with TestNG ITestContext, and Allure reporting.

HTTP assertion library for Node.js API testing with Express, Koa, and Fastify

OWASP Top 10 security testing patterns and vulnerability scanning

Enforce testing best practices with ESLint rules for Jest, Testing Library, and Cypress

Angular TestBed component testing with dependency injection, async testing, and Jasmine

Integration testing with throwaway Docker containers for databases and external services

Simple mobile UI testing with YAML flows for iOS and Android without complex setup

GraphQL API testing with schema validation, query testing, and mutation verification

Component and API snapshot testing to detect unexpected changes across releases

Modern load testing toolkit with YAML-based scenarios, metrics, and CI/CD integration

Test-driven development workflow patterns with red-green-refactor cycle and refactoring techniques

Postman collections, environments, pre-request scripts, and Newman CI

Test data strategies using Faker.js, factories, builders, and database seeding

Gray box E2E testing for React Native apps on iOS and Android simulators

Comprehensive authentication and authorization bypass testing including session hijacking, privilege escalation, JWT manipulation, and access control verification

Test quality verification with Stryker mutation testing for JavaScript and TypeScript

Testing GraphQL subscriptions including WebSocket lifecycle, real-time event delivery, authorization on subscriptions, and connection management.

Cross-browser E2E testing with WebdriverIO, Cucumber integration, and visual regression

Testing CI/CD pipeline configurations including build validation, deployment verification, rollback testing, and pipeline-as-code quality checks.

Testing monitoring and alerting configurations including threshold validation, alert routing, escalation policies, and false-positive rate monitoring.

Coverage-guided fuzz testing using libFuzzer for C/C++ applications to find memory corruption, buffer overflows, and crash-inducing inputs.

Database performance testing including query optimization, index analysis, connection pooling, slow query detection, and N+1 query prevention.

Test isolation techniques including database cleanup, transaction rollback, parallel test execution, and shared resource management.

Testing logging implementations including log level verification, structured logging validation, log rotation testing, and log aggregation pipeline testing.

Accessibility testing for mobile apps including VoiceOver/TalkBack testing, touch target sizes, dynamic type support, and motor accessibility.

Visual regression testing with Playwright screenshots and diff comparison

Automated scanning of project dependencies for known vulnerabilities using tools like npm audit, Snyk, and Dependabot patterns.

Android UI testing framework with synchronization, view matchers, and actions

Safe testing-in-production strategies including feature flags, shadow traffic, canary releases, dark launches, and observability-driven development.

Test-Driven Development mastery with red-green-refactor cycle, outside-in TDD, test-first design, and incremental development patterns.

Test fixture design patterns including builders, factories, object mothers, and fixture management for maintainable test data setup.

Master the Test-Driven Development approach with Red-Green-Refactor cycles, writing tests before code, comprehensive coverage patterns, and quality code practices for building robust, maintainable software.

Infrastructure-as-Code testing with Terratest, terraform validate, plan verification, and drift detection for Terraform configurations.

Integration testing with Sentry for error tracking, performance monitoring, and release health verification in production environments.

Svelte component testing with @testing-library/svelte, vitest, component rendering, event simulation, store testing, and SvelteKit testing.

Comprehensive WCAG 2.1 AA compliance testing combining automated axe-core scans with manual keyboard navigation, screen reader compatibility, and focus management verification

SSL/TLS configuration testing including certificate validation, cipher suite analysis, protocol version checks, and HSTS verification.

Testing SOC 2 compliance controls including security monitoring, change management, access reviews, and incident response procedures.

Processing and analyzing Static Analysis Results Interchange Format (SARIF) files for aggregating security findings across multiple scanning tools.

Go testing with testing package, table-driven tests, subtests, benchmarks, test fixtures, httptest, and testify assertions.

gRPC service testing including protobuf validation, streaming tests, error handling, deadline testing, and load testing for gRPC endpoints.

Flutter app testing with widget tests, integration tests, golden tests, Mockito, bloc testing, and Flutter Driver for end-to-end scenarios.

Comprehensive file upload testing including format validation, size limits, malware scanning, storage verification, and concurrent upload handling.

Testing API versioning strategies including URL path, header, and query parameter versioning with backward compatibility validation.

Comprehensive end-to-end testing methodologies and best practices covering architecture, test design, data management, flakiness prevention, and cross-browser strategies.

Testing scheduled tasks and cron jobs including execution timing, idempotency, failure recovery, overlap prevention, and timezone handling.

Approval testing methodology using ApprovalTests library for verifying complex outputs against human-approved results with diff-based review.

Apache JMeter load testing with thread groups, assertions, and distributed testing

Testing distributed tracing implementations including context propagation, span correlation, baggage handling, and trace sampling verification.

Design and maintain lightweight production smoke test suites that verify critical user journeys, API health, and infrastructure availability after deployments

Automatically generate comprehensive API test suites from OpenAPI specifications covering CRUD operations, error handling, authentication, pagination, and edge cases

Flexible JavaScript testing framework with async support, hooks, and rich reporter ecosystem

Detecting and testing infrastructure drift between desired state and actual state using automated scanning, alerting, and remediation patterns.

Swift testing with XCTest, Swift Testing framework, async/await testing, SwiftUI preview testing, and performance measurement.

Elasticsearch testing including index management, query validation, mapping verification, bulk operation testing, and search relevance scoring.

Cross-platform desktop and application screenshot capture for visual testing, UI verification, and automated visual comparison across macOS, Linux, and Windows.

CLI tool for persistent browser automation with multi-session support, featuring Chromium/Real/Remote browser modes, cookie management, JavaScript execution, and long-running automation workflows.

Verifying data integrity constraints, referential integrity, data type validation, and consistency checks across database operations.

Comprehensive authentication testing including login flows, password policies, MFA, session management, account lockout, and SSO integration.

Comprehensive RESTful API testing patterns covering HTTP methods, status codes, request/response validation, authentication, error handling, and contract testing.

Intelligent regression test selection using code change analysis, dependency graphs, and risk assessment to minimize test execution time.

Exhaustive testing of form validation logic including boundary values, injection payloads, encoding edge cases, and client-server validation bypass techniques

Building effective smoke test suites for deployment verification including critical path coverage, health endpoints, and rapid feedback testing.

Testing distributed tracing and observability instrumentation with OpenTelemetry including span verification, metric collection, and log correlation.

End-to-end testing for React Native apps using Detox with gray-box testing, synchronization, device simulation, and CI integration.

Advanced Allure test reporting with custom categories, environment info, test history trends, flaky test detection, and CI/CD dashboard integration.

Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations to produce actionable AppSec-grade threat models.

Risk-based testing approach for prioritizing test efforts based on business impact, change frequency, complexity, and historical defect patterns.

Automated accessibility testing with axe-core and WCAG 2.1 compliance

Detect, quarantine, and systematically fix flaky tests with automated retry analysis, root cause categorization, and CI pipeline integration for test reliability

Debug and fix failing GitHub PR checks by inspecting GitHub Actions logs, summarizing failure context, drafting fix plans, and implementing fixes after approval.

API mocking with Mock Service Worker for browser and Node.js environments including request interception, response simulation, and network error testing.

Testing Cross-Origin Resource Sharing configurations for misconfigurations, overly permissive policies, and credential handling vulnerabilities.

FastAPI application testing with TestClient, dependency injection overrides, async testing, database testing with SQLAlchemy, and OpenAPI validation.

Native iOS UI testing with Swift and Xcode Test Navigator integration

Validate API responses against OpenAPI/Swagger specifications, JSON Schema definitions, and consumer-driven contracts to prevent breaking changes

Testing cookie and session management including secure flags, SameSite policy, session fixation, timeout behavior, and cross-domain cookie handling.

Comprehensive SQL injection testing patterns including blind SQLi, time-based, union-based, and parameterized query validation techniques.

Simulate aggressive user behavior patterns including rapid clicking, random navigation, form abuse, tab spamming, and unexpected interaction sequences to find UI resilience issues

Writing custom static analysis rules for ESLint, Semgrep, and SonarQube to enforce project-specific code quality and security standards.

Fuzz testing for Rust applications using cargo-fuzz and libFuzzer to discover memory safety issues, panics, and undefined behavior.

Generative testing with fast-check to discover edge cases automatically

Search feature testing including relevance scoring, autocomplete, typo tolerance, faceted search, pagination, and search analytics verification.

Testing library backward compatibility including public API surface verification, semver compliance, TypeScript type compatibility, and migration path validation.

Vue.js component testing using Vue Test Utils with mount/shallow mount, event simulation, Vuex/Pinia store testing, and composition API testing.

Testing real-time collaborative features including conflict resolution, CRDT validation, cursor presence, and concurrent editing scenarios.

Automated page performance auditing covering Core Web Vitals, resource loading analysis, render-blocking detection, and performance budget enforcement

Testing webhook implementations including delivery verification, retry logic, signature validation, idempotency, and failure handling patterns.

Java REST API testing with REST Assured including JSON schema validation

Automated screenshot comparison testing with configurable thresholds, anti-aliasing tolerance, and responsive viewport visual validation.

Parallel test execution with Selenium Grid including hub/node configuration, Docker-based grid, cross-browser testing, and session management.

Comprehensive JWT token security testing including signature verification, expiration checks, algorithm confusion attacks, and claim validation.

Automated open-source license compliance testing to detect license conflicts, copyleft violations, and license compatibility issues in dependencies.

Optimize CI/CD test pipeline execution through intelligent test splitting, parallelization, caching strategies, and selective test execution to reduce pipeline duration

Testing data pipelines including ETL validation, data quality checks, pipeline orchestration testing, and data lineage verification.

Advanced security analysis using GitHub CodeQL to find zero-day vulnerabilities, injection flaws, and security anti-patterns in source code.

Detect and eliminate N+1 query problems in database-backed applications through query counting, execution plan analysis, and ORM configuration auditing

Express.js API testing with supertest, middleware testing, route handler testing, error handling verification, and authentication testing.

Data-driven testing with parameterized tests, test matrices, combinatorial testing, and pairwise parameter generation techniques.

Node.js E2E testing framework with TypeScript support, smart assertions, and parallel execution

Generate consumer-driven contract tests using Pact framework to verify API provider-consumer compatibility and prevent integration breaking changes

Identify untested code paths, uncovered branches, and missing test scenarios using coverage analysis, risk mapping, and change-based coverage tracking

Modern cloud-scale load testing using Artillery.io for HTTP, WebSocket, Socket.io, and custom protocol testing with YAML-based test definitions.

Testing browser extensions including content script injection, background worker testing, popup UI testing, storage API testing, and cross-browser compatibility.

Contract testing for GraphQL APIs including schema breaking change detection, query compatibility testing, and federated schema validation.

Testing database migration scripts for correctness, rollback safety, data integrity, and zero-downtime migration patterns.

Advanced debugging patterns for test failures covering root cause analysis, flakiness investigation, performance debugging, and systematic troubleshooting methodologies.

Automatically generating API tests from OpenAPI/Swagger specifications including request validation, response schema checking, and edge case generation.

Payment gateway testing including Stripe, PayPal, and Square integration testing with sandbox environments, webhook verification, and error handling.

NestJS application testing with @nestjs/testing, dependency injection mocking, e2e testing with supertest, guard testing, and pipe validation testing.

Automated detection and prevention of leaked secrets, API keys, passwords, and tokens in code using tools like gitleaks, trufflehog, and pre-commit hooks.

Comprehensive guide to test doubles including mocks, stubs, spies, fakes, and dummies with when-to-use guidelines and anti-pattern avoidance.

Optimizing test suite execution speed with parallelization, test splitting, caching, selective test execution, and test impact analysis.

Automated detection and reporting of broken links, missing resources, and orphaned pages across web applications using crawl-based and DOM-based strategies

Automated detection of breaking API changes including response format changes, removed endpoints, type changes, and deprecation enforcement.

Static application security testing using Semgrep for finding vulnerabilities, code smells, and enforcing security policies across codebases.

Build reusable test data factories with builder patterns, realistic fake data generation, relationship handling, and database seeding for consistent test environments

Flask application testing with test client, fixture patterns, SQLAlchemy model testing, blueprint testing, and Flask-specific extension testing.

Automated compliance testing using Open Policy Agent, Chef InSpec, and custom policy engines for security baseline validation.

American Fuzzy Lop Plus Plus mutation-based fuzz testing for finding crashes, hangs, and security vulnerabilities in binary programs.

Analyze pull request code changes to determine which tests are affected, recommend test execution order, and identify missing test coverage for modified code paths

Rails application testing with RSpec, FactoryBot, Capybara, system tests, request specs, model specs, and Rails-specific testing conventions.

Scalable mobile testing using cloud device farms like AWS Device Farm, BrowserStack, and Firebase Test Lab for cross-device compatibility.

Testing Server-Sent Events implementations including event stream validation, reconnection behavior, event ID tracking, and EventSource client testing.

Systematically generate negative test cases covering invalid inputs, unauthorized actions, missing required fields, exceeded limits, and malformed request payloads

Automatically generate comprehensive test cases from user stories and acceptance criteria using BDD patterns, equivalence partitioning, and risk-based prioritization

Testing message queue implementations including RabbitMQ, SQS, and Kafka with delivery guarantees, ordering, dead letter queues, and consumer testing.

Mobile app testing automation for iOS and Android with Appium

Laravel PHP testing with PHPUnit, feature tests, browser tests with Dusk, database factories, mocking facades, and HTTP testing helpers.

DNS configuration testing including record validation, DNSSEC verification, resolution timing, failover testing, and DNS-based service discovery.

Chaos testing for Kubernetes workloads using Chaos Mesh, Litmus, and custom fault injection for pod, network, and disk failures.

Testing feature flag implementations including flag evaluation, gradual rollout verification, fallback behavior, and flag cleanup detection.

Detect and reproduce race conditions in web applications including double submissions, concurrent state mutations, and timing-dependent UI bugs

Testing implementations against formal specifications including RFC compliance, protocol adherence, and standards conformance verification.

API endpoint fuzzing for discovering unexpected behaviors, crashes, and security vulnerabilities through malformed requests, boundary values, and protocol violations.

High-performance load testing using Gatling with Scala/Java DSL for simulating thousands of concurrent users and analyzing response time distributions.

Analyze git repositories to build security ownership topology, compute bus factor for sensitive code, detect orphaned security-critical files, and export ownership graphs for visualization.

Network-level testing with Playwright including request interception, response mocking, network throttling, and HAR recording/replay.

Writing and testing YARA rules for malware detection, threat hunting, and file classification with rule validation and false-positive rate testing.

Testing in ephemeral preview environments for pull requests including environment provisioning, data seeding, and automated teardown.

Systematically detect, capture, and categorize browser console errors, warnings, and unhandled exceptions during automated test execution

Generate tests for database migration safety covering schema changes, data integrity preservation, rollback verification, and zero-downtime migration validation

Systematic memory profiling and leak detection in applications using heap snapshots, allocation tracking, and garbage collection analysis.

Testing API rate limiting implementations including throttling behavior, burst handling, rate limit headers, and distributed rate limiting patterns.

Configure and generate rich Allure test reports with test categorization, historical trends, environment details, and CI/CD integration for comprehensive test visibility

Detect timezone-related bugs including incorrect date conversions, DST edge cases, locale formatting issues, and UTC offset miscalculations across application layers

Generate realistic performance test scenarios with load profiles, ramp-up patterns, think times, and acceptance criteria derived from production traffic analysis

Integration with Google OSS-Fuzz for continuous fuzzing of open-source projects with automated bug filing and regression tracking.

Generate boundary value test cases for numeric ranges, string lengths, date ranges, collection sizes, and domain-specific constraints using systematic analysis techniques

Evaluate search functionality quality including relevance ranking, typo tolerance, faceted filtering, autocomplete accuracy, and zero-results handling

OpenAPI/Swagger specification validation and testing to ensure API implementations match their documented contracts with automated drift detection.

Generate and maintain visual regression screenshot baselines with intelligent diffing, responsive breakpoint coverage, and dynamic content masking strategies

MongoDB testing with in-memory MongoDB, aggregation pipeline testing, schema validation, indexing verification, and replica set testing.

Automated API testing using Postman collections with Newman CLI for CI/CD integration, environment management, and test reporting.

Identify and diagnose memory leaks in web applications through heap analysis, DOM node counting, detached element detection, and performance profiling

Testing pagination implementations including cursor-based, offset-based, keyset pagination with edge cases, performance, and consistency verification.

Validate error boundary implementations in React and other frameworks ensuring graceful degradation, proper fallback UI rendering, and error recovery flows

Generate and evaluate mutation tests to assess test suite effectiveness by introducing controlled code mutations and verifying test detection rates

Generate comprehensive test cases from state machine models covering all states, transitions, guard conditions, and invalid transition attempts for workflow-heavy features

Automated WCAG 2.2 AA/AAA compliance testing with axe-core, Pa11y, and manual testing patterns for keyboard navigation, screen readers, and color contrast.

Managing test environments including provisioning, configuration, data seeding, isolation, cleanup, and environment-as-code patterns.

Cross-site scripting vulnerability testing covering reflected, stored, and DOM-based XSS with sanitization validation and CSP bypass detection.

Master code review best practices with constructive feedback patterns, quality assurance standards, review checklists, security considerations, and collaborative improvement techniques for high-quality software delivery.

Validating A/B test implementations including traffic splitting accuracy, statistical significance calculation, metric tracking, and experiment cleanup.

Testing load balancer configurations including health check validation, routing algorithms, session affinity, failover behavior, and SSL termination.

Behavior-driven development with Cucumber, Gherkin, and step definitions

Verify loading states, skeleton screens, spinners, and progress indicators across all data-fetching scenarios including slow networks, errors, and partial loads

Modern JavaScript testing strategies with Jest, Mocha, and testing best practices covering unit testing, integration testing, mocking, async patterns, and DOM testing.

Docker-based integration testing with Testcontainers for databases, message queues, cloud services, and custom containers with lifecycle management.

Testing augmented and virtual reality applications including spatial tracking, gesture recognition, performance on headsets, and motion sickness testing.

SOAP web service testing including WSDL validation, XML schema testing, WS-Security, and SOAP fault handling verification.

Automated accessibility testing with axe-core integrated into CI pipelines, including custom rule configuration, issue prioritization, and remediation guidance.

Test WebSocket connections for reliability including reconnection logic, message ordering, heartbeat mechanisms, and connection state management under adverse conditions

Systematically test responsive web layouts across viewports, detecting overflow, text truncation, overlapping elements, and broken grid layouts

Generate comprehensive test plans with coverage matrices and risk-based testing

Kubernetes deployment testing including manifest validation, Helm chart testing, pod health checks, network policy testing, and rollback verification.

Test touch interactions and mobile gestures including swipe, pinch-zoom, long-press, drag-and-drop, pull-to-refresh, and multi-touch behaviors across mobile viewports

Anonymizing production data for testing while maintaining referential integrity, data distributions, and edge case representation.

Identify and log user experience friction points including excessive clicks, confusing navigation, slow interactions, and workflow bottlenecks through automated heuristic analysis

Smart contract testing with Hardhat, Foundry, and Brownie including unit tests, gas optimization, reentrancy checks, and fork testing.

Testing Docker containers and images including Dockerfile linting, container structure tests, security scanning, and multi-stage build validation.

Testing retry mechanisms, circuit breakers, bulkheads, and timeout patterns for building resilient distributed systems.

Testing multi-tenant application isolation including data segregation, tenant-specific configuration, cross-tenant access prevention, and performance isolation.

Generate optimized test combinations using pairwise (all-pairs) testing algorithms to achieve maximum coverage with minimum test cases across multiple input parameters

Component testing with Cypress including mount API, React/Vue/Angular component testing, stub patterns, and visual snapshot testing.

Detect localization and internationalization defects including untranslated strings, text expansion overflow, RTL layout issues, and locale-specific formatting errors

Automatically generate regression test cases from bug reports and incident post-mortems to prevent previously fixed defects from recurring

Testing edge computing deployments including latency verification, edge function testing, CDN worker testing, and geo-distributed test execution.

Behavior-Driven Development with Gherkin syntax, step definitions, scenario outlines, data tables, and living documentation generation.

Email delivery testing including content verification, rendering across clients, spam score checking, link validation, and transactional email workflow testing.

Testing error handling paths including exception propagation, error boundaries, retry logic, circuit breakers, and graceful degradation.

Testing desktop applications built with Electron, Tauri, or native frameworks including window management, IPC, tray icons, and auto-update testing.

Testing GDPR compliance requirements including data deletion, consent management, data portability, right to erasure, and privacy policy enforcement.

Golden file testing pattern for comparing output against approved baselines with update workflows, diff tools, and version control integration.

Testing HIPAA compliance for healthcare applications including PHI handling, audit logging, access controls, and data encryption verification.

i18n testing covering locale switching, date/number formatting, RTL layout, plural forms, ICU messages, and translation completeness verification.

Quantify and track test technical debt including missing tests, outdated assertions, disabled tests, inadequate coverage, and maintenance burden across the test suite

Python-based load testing with Locust for writing user behavior scripts, distributed testing, real-time web UI monitoring, and custom load shapes.

Generate structured exploratory testing charters with focused missions, time-boxed sessions, risk-based areas, and standardized note-taking templates for systematic exploration

Analyze web application interfaces for cognitive overload using automated heuristics covering information density, choice complexity, visual hierarchy, and interaction patterns

Detect visual defects in dark mode implementations including contrast issues, hardcoded colors, missing theme tokens, and inconsistent component theming

Validate the first-time user experience including onboarding flows, empty states, tutorial completion, progressive disclosure, and initial setup wizards

Validate progressive web app offline functionality including service worker caching, offline data persistence, sync-on-reconnect behavior, and graceful degradation

Identify stale cache issues across browser cache, CDN layers, API response caching, and application-level caches that cause users to see outdated content

Consumer-driven contract testing with Pact and Pact Broker

Testing Service Level Agreements and Objectives including availability targets, latency percentiles, error budgets, and automated SLO compliance reporting.

Anthropic's official web application testing skill using native Python Playwright scripts with helper utilities for server lifecycle management, browser automation, and comprehensive E2E testing workflows.

Testing application configurations including environment variable validation, feature flag combinations, config file parsing, and default value verification.

Contract-first testing approach using Pact, Spring Cloud Contract, or Dredd for ensuring API consumer-provider compatibility.

Integrating screenshot-based visual testing into CI pipelines with baseline management, review workflows, and cross-platform rendering comparison.

Audit empty states across web applications ensuring proper messaging, helpful CTAs, illustration rendering, and graceful handling when data is unavailable

Testing PDF generation including layout verification, content accuracy, font embedding, accessibility (PDF/UA), and cross-platform rendering consistency.

Isolating and testing individual UI components with dependency mocking, state injection, and visual snapshot verification.

Security testing for LLM-powered applications including prompt injection, jailbreak detection, data leakage prevention, and AI safety testing.

Test notification systems for spam behavior including duplicate alerts, missing throttling, incorrect delivery channels, and notification preference violations

Testing LLM-powered features including output quality validation, hallucination detection, token usage monitoring, and prompt regression testing.

Integration testing strategies including database integration, external service integration, message queue testing, and test container patterns.

Map changelog entries and release notes to corresponding test cases ensuring every shipped feature and bugfix has associated test verification

Analyzing code changes to determine which tests are impacted, enabling selective test execution and faster CI feedback loops.

Testing CDN configurations, cache hit ratios, cache invalidation, TTL policies, and edge caching behavior for optimal content delivery.

Audit error messages across web applications for clarity, helpfulness, consistency, localization readiness, and security information leakage

Enforces rigorous verification evidence before any claims of task completion, preventing false positives, untested deployments, and premature celebration with a structured gate function.

Write clear bug reports with reproduction steps and severity classification

Detecting and diagnosing flaky tests using statistical analysis, execution recording, environmental factor isolation, and quarantine strategies.

Systematic dark mode testing covering color contrast, theme switching, persistence, media query respect, component-level theming, and image adaptation.

Setting up and optimizing test pipelines in GitHub Actions with caching, parallel execution, matrix builds, and test result reporting.

Automated responsive design testing across breakpoints, viewports, and devices with visual comparison and layout verification.

Advanced chaos engineering patterns using Chaos Monkey, Litmus, and Gremlin for testing distributed system resilience under failure conditions.

Designing scalable test architectures including test pyramid, diamond, trophy, and honeycomb patterns with framework-agnostic implementation.

Comprehensive WCAG compliance and accessibility testing covering ARIA, keyboard navigation, screen readers, color contrast, and automated a11y validation.

Advanced mutation testing using Stryker, PIT, and mutmut to measure test suite quality by introducing controlled mutations and tracking kill rates.

Enforcing performance budgets in CI/CD including bundle size limits, load time thresholds, Lighthouse score gates, and resource count limits.

Automated cross-browser testing across Chrome, Firefox, Safari, and Edge with visual comparison, feature detection, and polyfill verification.

Implementing test observability with execution analytics, failure trend analysis, coverage gap detection, and test suite health dashboards.

End-to-end database testing with test containers, data seeding, cleanup strategies, transaction isolation, and production data anonymization.

Comprehensive Python testing best practices with pytest, covering unit testing, integration testing, mocking, fixtures, property-based testing, and test architecture.

Automated web application security scanning using OWASP ZAP for finding XSS, SQL injection, CSRF, and other OWASP Top 10 vulnerabilities.

Comprehensive website auditing skill using Lighthouse, PageSpeed Insights, and web performance APIs to audit performance, accessibility, SEO, best practices, and security.

Kotlin testing with JUnit 5, MockK, Kotest, coroutine testing, Android testing with Espresso, and Kotlin-specific assertion libraries.

IoT device testing including firmware validation, protocol testing (MQTT, CoAP), power consumption testing, and over-the-air update verification.

Testing voice-activated applications including speech recognition accuracy, intent detection, dialog flow testing, and multi-language support.

Synthetic monitoring test creation for uptime checking, user journey simulation, API health verification, and multi-region availability testing.

Redis testing including cache behavior verification, pub/sub testing, transaction testing, cluster failover testing, and data expiration validation.

Spring Boot application testing with @SpringBootTest, MockMvc, @DataJpaTest, Testcontainers, and Spring Security testing patterns.

Frontend performance testing covering bundle size analysis, render performance, animation frame rate, React re-render detection, and lazy loading verification.

Consumer-driven contract testing for microservices using Pact, ensuring API compatibility and preventing integration breakages across service boundaries.

Testing PCI-DSS compliance for payment processing including encryption validation, access control testing, and secure data storage verification.

Testing API schema evolution patterns including additive changes, field deprecation, type widening, and backward-compatible migration strategies.

Testing serverless functions including Lambda, Cloud Functions, and Edge Functions with local emulation, cold start testing, and timeout handling.

Security testing for OAuth2 implementations including authorization code flow, PKCE, token handling, redirect URI validation, and scope enforcement.

HTTP request mocking with Nock for Node.js testing including request intercepting, response recording, and external API simulation.

Next.js application testing covering Server Components, App Router, API routes, middleware, dynamic routes, and SSR/SSG testing patterns.

API simulation and service virtualization with WireMock for HTTP stubbing, request matching, stateful behavior, and fault injection testing.

Web application security testing using BurpSuite for proxy-based interception, scanning, and manual penetration testing of web applications.

Optimizing test coverage beyond line coverage including branch coverage, mutation score, path coverage, and identifying meaningful coverage gaps.

Content Security Policy testing and validation to prevent XSS attacks, data injection, and clickjacking through proper CSP header configuration.

Generating realistic test data with Faker libraries for names, addresses, emails, dates, and domain-specific data with reproducible seed control.

Testing WebAssembly modules including compilation verification, memory management, interop testing, and performance benchmarking of WASM components.

Role-based and attribute-based access control testing including permission matrices, privilege escalation prevention, and resource-level authorization.

Rust testing with built-in test framework, integration tests, doc tests, property-based testing with proptest, and cargo test configuration.