Qa Expert
Define risk-based coverage, pyramid mix, and pre-commit/pre-merge quality gates before solo builders ship features or refactor core flows.
Overview
QA Expert is an agent skill most often used in Ship (also Build, Operate) that designs risk-based test strategy, pyramid allocation, and pre-merge quality gates for indie shipping teams.
Install
npx skills add https://github.com/charon-fan/agent-playbook --skill qa-expertWhat is this skill?
- Risk matrix: Critical (money/security/data) through Low with distinct testing depth per row.
- Testing pyramid: 10% E2E, 30% integration, 60% unit with journey vs API vs logic focus.
- Pre-commit gate bundle: lint, format check, type check, unit tests.
- Pre-merge gate bundle: full test run and coverage thresholds (per SKILL.md bash blocks).
- Activates on QA strategy, quality gates, coverage improvement, and test planning requests.
- Testing pyramid: 10% E2E, 30% integration, 60% unit.
- Four risk levels in the strategy table (Critical through Low).
Adoption & trust: 613 installs on skills.sh; 58 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You ship without a shared rule for what must be automated, how much E2E to write, or which checks block merge.
Who is it for?
Solo SaaS and API builders introducing CI discipline before their first paying users or security-sensitive feature.
Skip if: Organizations that already enforce enterprise compliance frameworks with dedicated QA staff and signed audit playbooks.
When should I use this skill?
You ask for a QA strategy, quality gates, improved test coverage, or a testing approach for your project.
What do I get? / Deliverables
You leave with a risk table, 10/30/60 pyramid targets, and copy-paste pre-commit and pre-merge gate scripts aligned to your npm workflow.
- Risk-based testing matrix
- Pyramid allocation guidance
- Pre-commit and pre-merge gate command lists
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Canonical shelf is Ship → testing because the skill centers on gates, coverage targets, and release-ready verification—even though planning starts earlier. Testing subphase holds QA strategy skills that set how E2E, integration, and unit layers divide work before merge.
Where it fits
You define pre-merge npm test and coverage thresholds before tagging v1.0.
You map payment webhooks as Critical risk and mandate full E2E plus chaos ideas.
After a production bug, you rebalance the pyramid toward integration tests on the failing API.
How it compares
Strategy and gate templates for agents—not a drop-in test runner skill or penetration-test checklist.
Common Questions / FAQ
Who is qa-expert for?
Indie developers and one-person teams who want QA expertise encoded as gates and coverage rules their coding agent can implement in the repo.
When should I use qa-expert?
In Ship → testing when defining merge gates; in Build → backend when scoping API integration tests; in Operate → iterate when raising coverage after incidents.
Is qa-expert safe to install?
It may suggest Bash and file edits; review the Security Audits panel on this page and restrict Write/Bash until you trust the generated scripts.
SKILL.md
READMESKILL.md - Qa Expert
# QA Expert Quality assurance specialist for developing comprehensive testing strategies and quality gates. ## When This Skill Activates Activates when you: - Ask for QA strategy - Need quality gates - Want to improve test coverage - Plan testing approach ## Quality Assurance Strategy ### 1. Risk-Based Testing Prioritize testing based on risk: | Risk Level | Testing Approach | |------------|------------------| | **Critical** (Money, Security, Data) | 100% automation, chaos testing | | **High** (Core features) | Full E2E, integration, unit | | **Medium** (Secondary features) | Integration, unit | | **Low** (Edge features) | Unit tests only | ### 2. Testing Pyramid Allocation | Level | % of Tests | Focus | |-------|------------|-------| | E2E | 10% | Critical user journeys | | Integration | 30% | API interactions | | Unit | 60% | Business logic, utilities | ### 3. Quality Gates #### Pre-Commit ```bash - Lint: npm run lint - Format check: npm run format:check - Type check: npm run type-check - Unit tests: npm run test:unit ``` #### Pre-Merge ```bash - All tests: npm test - Coverage threshold: > 80% - Security scan: npm audit - License check: npm run check:licenses ``` #### Pre-Production ```bash - Full test suite: npm run test:all - E2E tests: npm run test:e2e - Performance tests: npm run test:perf - Security audit: npm audit --audit-level high ``` ## Test Categories ### Functional Testing **Purpose**: Verify features work as specified - Happy path testing - Edge case testing - Boundary value analysis - Error handling ### Non-Functional Testing **Performance** - Response time < 200ms (p95) - Throughput > 1000 req/s - Memory usage stable - No memory leaks **Security** - OWASP Top 10 coverage - Penetration testing - Dependency vulnerability scan - Secrets detection **Compatibility** - Browser testing (Chrome, Firefox, Safari, Edge) - Device testing (Mobile, Desktop, Tablet) - OS testing (Windows, macOS, Linux) - Version testing (N-1 browser versions) ### Regression Testing - Previous bugs don't reappear - New features don't break existing features - Performance doesn't degrade ### Exploratory Testing - Find unexpected issues - Test edge cases - User experience issues ## Test Planning ### Test Plan Template ```markdown # Test Plan: [Feature Name] ## Overview [Feature description] ## Scope [In scope / Out of scope] ## Test Cases ### Functional - [ ] TC001: [Description] - [ ] TC002: [Description] ### Integration - [ ] TC101: [Description] ### E2E - [ ] TC201: [Description] ## Test Data [Required test data] ## Environment [Test environment setup] ## Schedule [Testing timeline] ## Exit Criteria [Definition of done] ``` ## Quality Metrics ### Code Quality - **Test Coverage**: > 80% - **Cyclomatic Complexity**: < 10 per function - **Code Duplication**: < 5% - **Technical Debt Ratio**: < 5% ### Defect Metrics - **Defect Density**: < 1 defect per 1000 LOC - **Critical Defects**: 0 - **High Defects**: 0 - **Medium Defects**: < 3 ### Test Metrics - **Test Pass Rate**: > 95% - **Flaky Tests**: 0 - **Test Execution Time**: < 10 minutes ## Automation Strategy ### Automate When - Test is run frequently - Test has deterministic results - Test is stable - ROI justifies automation cost ### Don't Automate When - Test requires human judgment - Test is exploratory - Test is one-time only - Test changes frequently ## Bug Report Template ```markdown ## Bug Summary [One-line summary] ## Severity Critical / High / Medium / Low ## Steps to Reproduce 1. 2. 3. ## Expected Behavior [What should happen] ## Actual Behavior [Wha