Engineering

Quality Assurance

engineering/skills/quality-assurance

End-to-end QA skill for testing, debugging, secure engineering, code review, and release confidence.

End-to-end quality assurance and secure engineering for any software repo: code review, test strategy, bug triage, debugging, flaky-test repair, coverage analysis and improvement, suite architecture, CI quality gates, secure coding reviews, security audits, threat modeling, compliance validation, and dependency or vulnerability management for frontend, backend, full-stack, and AI systems. Use when reviewing PRs, writing or repairing tests, debugging failing suites, improving release confidence, creating test plans, running passive security reviews, or translating threats into requirements. For authorized active penetration testing, exploit validation against a running target, or pentest reporting, use `pentest`.

Install This Skill

This skill now lives in the engineering department plugin, so every command targets the department-scoped path instead of the old flat skills/ layout.

Vercel `npx skills`

npx -y skills add ./engineering/skills/quality-assurance

Portable single-skill install. Use the department root to install the full plugin as skills.

Codex manual install

mkdir -p ~/.codex/skills
cp -R engineering/skills/quality-assurance ~/.codex/skills/

Copies only this skill into Codex from the new department-scoped repo layout.

Codex `$skill-installer`

https://github.com/alvarovillalbaa/plugins/tree/main/engineering/skills/quality-assurance

Direct GitHub path for Codex skill-installer or any runtime that installs from a skill folder URL.

OpenClaw manual install

mkdir -p ~/.openclaw/skills
cp -R engineering/skills/quality-assurance ~/.openclaw/skills/

Useful when OpenClaw should load one skill without importing the whole department.

Repo source

https://github.com/alvarovillalbaa/plugins/tree/main/engineering/skills/quality-assurance

Browse the live source, references, examples, templates, and scripts directly.

Department plugin

engineering

What it does

End-to-end QA skill for testing, debugging, secure engineering, code review, and release confidence.

How it works

Run `python <skill-dir>/scripts/qa-scan.py <repo-root>` when the bundled scanner is available; otherwise perform the same stack and CI inventory manually.
Preserve and read the full failure artifact set before changing code: stack traces, failing assertions, screenshots, traces, query logs, retry logs, seeds, and the first bad CI step.
Reconstruct the intended behavior and the cheapest proof that can falsify or confirm it.