pentest-validation
Pentest Validation
<default_to_action> When validating security findings:
- REQUIRE explicit authorization for target URL
- SCAN with qe-security-scanner (SAST + dependency + secrets)
- ANALYZE with qe-security-reviewer + qe-security-auditor (parallel)
- VALIDATE with qe-pentest-validator (graduated exploitation, parallel per vuln type)
- REPORT only confirmed findings with PoC evidence ("No Exploit, No Report")
- UPDATE exploit playbook with new patterns
Quality Gates:
- Authorization confirmed before ANY exploitation
- Target URL is staging/dev (NOT production)
- Budget cap enforced ($15 default)
- Time cap enforced (30 min default)
- All exploitation attempts logged </default_to_action>
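One way to enforce the quality gates above before each validation attempt, as an added example that is not part of the skill or its project. The `GateKeeper` class, the scope-record format (hostname mapped to an environment label) and the hostnames are assumptions made for illustration.

```python
import time
from dataclasses import dataclass, field
from urllib.parse import urlsplit

ALLOWED_ENVS = {"staging", "dev"}  # page: target must NOT be production


@dataclass
class GateKeeper:
    scope: dict                    # assumed format: {hostname: environment label}
    budget_usd: float = 15.0       # page default
    time_cap_s: float = 30 * 60    # page default (30 min)
    spent_usd: float = 0.0
    started: float = field(default_factory=time.monotonic)
    log: list = field(default_factory=list)

    def check(self, target_url, vuln_type, est_cost_usd, now=None):
        """Decide whether one validation attempt may run; fail closed."""
        now = time.monotonic() if now is None else now
        host = (urlsplit(target_url).hostname or "").lower()
        env = self.scope.get(host)
        if env is None:
            ok, reason = False, "no explicit authorization for target host"
        elif env not in ALLOWED_ENVS:
            ok, reason = False, f"environment '{env}' is not staging/dev"
        elif self.spent_usd + est_cost_usd > self.budget_usd:
            ok, reason = False, "budget cap would be exceeded"
        elif now - self.started > self.time_cap_s:
            ok, reason = False, "time cap exceeded"
        else:
            ok, reason = True, "all gates passed"
            self.spent_usd += est_cost_usd
        # Every attempt is logged, whether it was allowed or refused.
        self.log.append({"host": host, "vuln_type": vuln_type,
                         "allowed": ok, "reason": reason})
        return ok, reason


# Constructed scope record; these are not real hosts.
SCOPE = {"staging.shop.example": "staging", "www.shop.example": "production"}
```

Authorization is looked up by exact hostname from the scope record rather than inferred from the URL text, so a host that merely contains "staging" in its name is still refused unless it was explicitly authorized.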