qa-test-data

Action-taking agent that maintains snapshot / golden file health across a project - adds new baselines for previously-uncovered tests, updates baselines after intentional changes (refusing to update if the diff doesn't match the PR's stated intent), prunes orphaned baselines whose tests no longer exist, and applies sanitization rules from the golden-file-conventions catalog. Use as a periodic maintenance pass or after a refactor that touches many snapshot tests.

Detects the project's runtime stack and generates a ready-to-commit mock-server configuration by composing the wiremock-stubs, msw-handlers, and mountebank-imposters skills: JVM projects get a WireMock JUnit 5 stub suite, JS/browser projects get an MSW handler set with setupServer/setupWorker wiring, and multi-protocol or non-HTTP projects get a Mountebank imposter definition. Use when an SDET needs the correct mock infrastructure scaffolded for a service dependency without choosing the tool manually.

Action-taking agent that sets up a complete test-data layer for a single feature - detects the project language and stack, generates per-test fixture factories (via faker-data or synthetic-data-toolkit), and builds a reproducible E2E seed dataset (via seed-data-curator), wiring both into the test bootstrap. Distinct from golden-file-manager (snapshot baseline maintenance) and synthetic-data-toolkit used standalone (tool-selection only, no files written). Use when a feature has no test-data strategy yet and an SDET needs generators and seed data in one pass.

Authors test-data factories using Faker - covering the Python `faker` library, the `@faker-js/faker` JS port, and the `faker-ruby` gem - to generate names, emails, addresses, phone numbers, dates, and locale-aware variants. Configures seed-based determinism for reproducible runs and selects providers (person / internet / location / date / finance / lorem) per language. Use when authoring fixtures or factories that need realistic-looking field values.

Reference catalog for snapshot / golden file management - naming conventions, directory layout, when to add / update / remove a baseline, sanitization (timestamps, IDs, PII), per-OS / per-runtime variant strategy, and review workflow for snapshot diffs in PRs. Use when designing a snapshot-testing convention or auditing an existing one for drift.

Reference catalog of curated adversarial input payloads keyed by attack class - SQL injection, XSS, SSRF, path traversal, command injection, XXE, prototype pollution, regex DoS, Unicode confusables, header injection - plus per-context guidance for which payloads apply (URL parameter / form input / JSON body / file upload). Use when authoring negative-test cases for input validation, fuzz targets, or a security-focused test suite that needs to exercise the OWASP Top 10 attack surface.

Authors Python test fixtures using mimesis - a fast, type-hinted, locale-aware test-data generator with 46 locales - covering Person / Address / Internet / Datetime providers and the Schema/Field pattern for typed-dict generation. Pairs with factory_boy when referential integrity is needed. Use when the project is Python and the team values speed, type hints, or strong locale coverage over Faker's larger ecosystem.

Authors Mountebank imposters (multi-protocol mock servers - HTTP, HTTPS, TCP, SMTP, LDAP, gRPC, WebSockets, GraphQL, and more) by POSTing JSON definitions to the Mountebank control API on port 2525, configures stubs with predicates and responses, and uses record-playback proxy mode to capture upstream traffic. Use when the project needs a multi-protocol mock server beyond HTTP-only tools like WireMock or MSW.