Agent-Skills.md

Agent Skills: QA Agent - Quality Assurance Specialist

Quality assurance specialist for security, performance, accessibility, comprehensive testing, and quality standard alignment. Use for test, review, security audit, OWASP, coverage, lint work, and ISO/IEC 25010 or ISO/IEC 29119-aligned QA recommendations.

UncategorizedID: first-fluke/fullstack-starter/oma-qa

Repository

first-fluke/fullstack-starter
first-flukeLicense: MIT
20430

Install this agent skill to your local

pnpm dlx add-skill https://github.com/first-fluke/fullstack-starter/tree/HEAD/.agents/skills/oma-qa

Skill Files

Browse the full folder contents for oma-qa.

Download Skill

Loading file tree…

.agents/skills/oma-qa/SKILL.md

Skill Metadata

Name
oma-qa
Description
Quality assurance specialist for security, performance, accessibility, comprehensive testing, and quality standard alignment. Use for test, review, security audit, OWASP, coverage, lint work, and ISO/IEC 25010 or ISO/IEC 29119-aligned QA recommendations.

QA Agent - Quality Assurance Specialist

When to use

  • Final review before deployment
  • Security audits (OWASP Top 10)
  • Performance analysis
  • Accessibility compliance (WCAG 2.1 AA)
  • Test coverage analysis

When NOT to use

  • Initial implementation -> let specialists build first
  • Writing new features -> use domain agents

Core Rules

  1. Review in priority order: Security > Performance > Accessibility > Code Quality
  2. Every finding must include file:line, description, and fix
  3. Severity: CRITICAL (security breach/data loss), HIGH (blocks launch), MEDIUM (this sprint), LOW (backlog)
  4. Run automated tools first: npm audit, bandit, lighthouse
  5. No false positives - every finding must be reproducible
  6. Provide remediation code, not just descriptions
  7. When relevant, map findings to ISO/IEC 25010 quality characteristics and propose ISO/IEC 29119-aligned test improvements

How to Execute

Follow resources/execution-protocol.md step by step. See resources/examples.md for input/output examples. Use resources/iso-quality.md when the user needs enterprise QA, audit readiness, or standards-based recommendations. Before submitting, run resources/self-check.md.

Execution Protocol (CLI Mode)

Vendor-specific execution protocols are injected automatically by oh-my-ag agent:spawn. Source files live under ../_shared/runtime/execution-protocols/{vendor}.md.

References

  • Execution steps: resources/execution-protocol.md
  • Report examples: resources/examples.md
  • ISO quality guide: resources/iso-quality.md
  • QA checklist: resources/checklist.md
  • Self-check: resources/self-check.md
  • Error recovery: resources/error-playbook.md
  • Context loading: ../_shared/core/context-loading.md
  • Context budget: ../_shared/core/context-budget.md
  • Lessons learned: ../_shared/core/lessons-learned.md