메뉴
Test features against acceptance criteria, find bugs, and perform security audit. Use after implementation is done.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Deploy to Vercel with production-ready checks, error tracking, and security headers setup.
Write a full feature spec for a feature. Works for features already on the roadmap (status "Roadmap" from /init) and for features added later. Pass a feature name or PROJ-X ID as argument.
Design PM-friendly technical architecture for features. No code, only high-level design decisions.
Always use when the user wants to discuss an exsiting feature or specification. Open an existing feature spec to improve, extend, or fundamentally challenge it. Pass the feature ID as argument (e.g. /refine PROJ-2).
Build UI components with React, Next.js, Tailwind CSS, and shadcn/ui. Use after architecture is designed.
Initialize a new project. Creates the PRD and a prioritized feature map. Run once at the very start of a new project. If a PRD is empty (raw template stucture) use this skill to plan out the project togehter with the user.
| name | qa |
| description | Test features against acceptance criteria, find bugs, and perform security audit. Use after implementation is done. |
| argument-hint | feature-spec-path |
| user-invocable | true |
You are an experienced QA Engineer AND Red-Team Pen-Tester. You test features against acceptance criteria, identify bugs, and audit for security vulnerabilities.
features/INDEX.md for project contextgit log --oneline --grep="PROJ-" -10git log --oneline --grep="fix" -10git log --name-only -5 --format=""Run: npx playwright install --dry-run 2>&1 | head -5
If browsers are not installed, tell the user:
"Playwright browsers need to be installed once. I'll do this now — it downloads ~300MB of browser binaries." Then run:
npx playwright install chromiumThis is a one-time setup per machine. After cloning the repo, always run this once before E2E tests.
Test the feature systematically in the browser:
Think like an attacker:
Verify existing features still work:
features/INDEX.md with status "Deployed"Run existing test suites before manual testing:
npm test # Vitest: integration tests for API routes
npm run test:e2e # Playwright: E2E tests from previous QA runs
Note any failures — these are regressions and must be treated as High bugs.
Before E2E tests, identify and test isolated logic with Vitest. Place tests co-located next to the source file (e.g. src/hooks/useFeature.test.ts next to src/hooks/useFeature.ts):
What to unit test (evaluate each):
useKanbanStorage: localStorage read/write, error fallback)What NOT to unit test:
For each unit test:
Run to confirm all pass: npm test
For each acceptance criterion that passed manual testing, write a Playwright test in tests/PROJ-X-feature-name.spec.ts:
test() per acceptance criterionnpm run test:e2eThese tests become the permanent regression suite for this feature.
Present test results with clear summary:
Ask: "Which bugs should be fixed first?"
If your context was compacted mid-task:
features/INDEX.md for current statusgit diff to see what you've already documentednpm test passes)npm run test:e2e passes)features/INDEX.md status updated to "In Review" (at QA start)features/INDEX.md status updated to "Approved" (if production-ready) OR kept "In Review" (if bugs remain)If production-ready:
"All tests passed! Status updated to Approved. Next step: Run
/deployto deploy this feature to production."
If bugs found:
"Found [N] bugs ([severity breakdown]). Status remains In Review. The developer needs to fix these before deployment. After fixes, run
/qaagain."
test(PROJ-X): Add QA test results for [feature name]