explainx.ainewsletter3.4k
Productivity

qa-expert

daymade/claude-code-skills · updated Apr 8, 2026

MDX-style export adds YAML metadata + attribution linking explainx.ai and this canonical listing URL.

$npx skills add https://github.com/daymade/claude-code-skills --skill qa-expert
0 commentsdiscussion
summary

Establish world-class QA testing processes for any software project using proven methodologies from Google Testing Standards and OWASP security best practices.

skill.md

QA Expert

Establish world-class QA testing processes for any software project using proven methodologies from Google Testing Standards and OWASP security best practices.

When to Use This Skill

Trigger this skill when:

  • Setting up QA infrastructure for a new or existing project
  • Writing standardized test cases (AAA pattern compliance)
  • Executing comprehensive test plans with progress tracking
  • Implementing security testing (OWASP Top 10)
  • Filing bugs with proper severity classification (P0-P4)
  • Generating QA reports (daily summaries, weekly progress)
  • Calculating quality metrics (pass rate, coverage, gates)
  • Preparing QA documentation for third-party team handoffs
  • Enabling autonomous LLM-driven test execution

Quick Start

One-command initialization:

python scripts/init_qa_project.py <project-name> [output-directory]

What gets created:

  • Directory structure (tests/docs/, tests/e2e/, tests/fixtures/)
  • Tracking CSVs (TEST-EXECUTION-TRACKING.csv, BUG-TRACKING-TEMPLATE.csv)
  • Documentation templates (BASELINE-METRICS.md, WEEKLY-PROGRESS-REPORT.md)
  • Master QA Prompt for autonomous execution
  • README with complete quickstart guide

For autonomous execution (recommended): See references/master_qa_prompt.md - single copy-paste command for 100x speedup.

Core Capabilities

1. QA Project Initialization

Initialize complete QA infrastructure with all templates:

python scripts/init_qa_project.py <project-name> [output-directory]

Creates directory structure, tracking CSVs, documentation templates, and master prompt for autonomous execution.

Use when: Starting QA from scratch or migrating to structured QA process.

2. Test Case Writing

Write standardized, reproducible test cases following AAA pattern (Arrange-Act-Assert):

  1. Read template: assets/templates/TEST-CASE-TEMPLATE.md
  2. Follow structure: Prerequisites (Arrange) → Test Steps (Act) → Expected Results (Assert)
  3. Assign priority: P0 (blocker) → P4 (low)
  4. Include edge cases and potential bugs

Test case format: TC-[CATEGORY]-[NUMBER] (e.g., TC-CLI-001, TC-WEB-042, TC-SEC-007)

Reference: See references/google_testing_standards.md for complete AAA pattern guidelines and coverage thresholds.

3. Test Execution & Tracking

Ground Truth Principle (critical):

  • Test case documents (e.g., 02-CLI-TEST-CASES.md) = authoritative source for test steps
  • Tracking CSV = execution status only (do NOT trust CSV for test specifications)
  • See references/ground_truth_principle.md for preventing doc/CSV sync issues

Manual execution:

  1. Read test case from category document (e.g., 02-CLI-TEST-CASES.md) ← always start here
  2. Execute test steps exactly as documented
  3. Update TEST-EXECUTION-TRACKING.csv immediately after EACH test (never batch)
  4. File bug in BUG-TRACKING-TEMPLATE.csv if test fails

Autonomous execution (recommended):

  1. Copy master prompt from references/master_qa_prompt.md
  2. Paste to LLM session
  3. LLM auto-executes, auto-tracks, auto-files bugs, auto-generates reports

Innovation: 100x faster vs manual + zero human error in tracking + auto-resume capability.

4. Bug Reporting

File bugs with proper severity classification:

Required fields:

  • Bug ID: Sequential (BUG-001, BUG-002, ...)
  • Severity: P0 (24h fix) → P4 (optional)
  • Steps to Reproduce: Numbered, specific
  • Environment: OS, versions, configuration

Severity classification:

  • P0 (Blocker): Security vulnerability, core functionality broken, data loss
  • P1 (Critical): Major feature broken with workaround
  • P2 (High): Minor feature issue, edge case
  • P3 (Medium): Cosmetic issue
  • P4 (Low): Documentation typo

Reference: See BUG-TRACKING-TEMPLATE.csv for complete template with examples.

5. Quality Metrics Calculation

Calculate comprehensive QA metrics and quality gates status:

python scripts/calculate_metrics.py <path/to/TEST-EXECUTION-TRACKING.csv>

Metrics dashboard includes:

  • Test execution progress (X/Y tests, Z% complete)
  • Pass rate (passed/executed %)
  • Bug analysis (unique bugs, P0/P1/P2 breakdown)
  • Quality gates status (✅/❌ for each gate)

Quality gates (all must pass for release):

Gate Target Blocker
Test Execution 100% Yes
Pass Rate ≥80% Yes
P0 Bugs 0 Yes
P1 Bugs ≤5 Yes
Code Coverage ≥80% Yes
Security 90% OWASP Yes

6. Progress Reporting

Generate QA reports for stakeholders:

Daily summary (end-of-day):

  • Tests executed, pass rate, bugs filed
  • Blockers (or None)
  • Tomorrow's plan

Weekly report (every Friday):

  • Use template: WEEKLY-PROGRESS-REPORT.md (created by init script)
  • Compare against baseline: BASELINE-METRICS.md
  • Assess quality gates and trends

Reference: See references/llm_prompts_library.md for 30+ ready-to-use reporting prompts.

7. Security Testing (OWASP)

Implement OWASP Top 10 security testing:

Coverage targets:

  1. A01: Broken Access Control - RLS bypass, privilege escalation
  2. A02: Cryptographic Failures - Token encryption, password hashing
  3. A03: Injection - SQL injection, XSS, command injection
  4. A04: Insecure Design - Rate limiting, anomaly detection
  5. A05: Security Misconfiguration - Verbose errors, default credentials
  6. A07: Authentication Failures - Session hijacking, CSRF
  7. Others: Data integrity, logging, SSRF

Target: 90% OWASP coverage (9/10 threats mitigated).

Each security test follows AAA pattern with specific attack vectors documented.

Day 1 Onboarding

For new QA engineers joining a project, complete 5-hour onboarding guide:

Read: references/day1_onboarding.md

Timeline:

  • Hour 1: Environment setup (database, dev server, dependencies)
  • Hour 2: Documentation review (test strategy, quality gates)
  • Hour 3: Test data setup (users, CLI, DevTools)
  • Hour 4: Execute first test case
  • Hour 5: Team onboarding & Week 1 planning

Checkpoint: By end of Day 1, environment running, first test executed, ready for Week 1.

Autonomous Execution (⭐ Recommended)

Enable LLM-driven autonomous QA testing with single master prompt:

Read: references/master_qa_prompt.md

Features:

  • Auto-resume from last completed test (reads tracking CSV)
  • Auto-execute test cases (Week 1-5 progression)
  • Auto-track results (updates CSV after each test)
  • Auto-file bugs (creates bug reports for failures)
  • Auto-generate reports (daily summaries, weekly reports)
  • Auto-escalate P0 bugs (stops testing, notifies stakeholders)

Benefits:

  • 100x faster execution vs manual
  • Zero human error in tracking
  • Consistent bug documentation
  • Immediate progress visibility

Usage: Copy master prompt, paste to LLM, let it run autonomously for 5 weeks.

Adapting for Your Project

Small Project (50 tests)

  • Timeline: 2 weeks
  • Categories: 2-3 (e.g., Frontend, Backend)
  • Daily: 5-7 tests
  • Reports: Daily summary only

Medium Project (200 tests)

  • Timeline: 4 weeks
  • Categories: 4-5 (CLI, Web, API, DB, Security)
  • Daily: 10-12 tests
  • Reports: Daily + weekly

Large Project (500+ tests)

  • Timeline: 8-10 weeks
  • Categories: 6-8 (multiple components)
  • Daily: 10-15 tests
  • Reports: Daily + weekly + bi-weekly stakeholder

Reference Documents

Access detailed guidelines from bundled references:

  • references/day1_onboarding.md - 5-hour onboarding guide for new QA engineers
  • references/master_qa_prompt.md - Single command for autonomous LLM execution (100x speedup)
  • references/llm_prompts_library.md - 30+ ready-to-use prompts for specific QA tasks
  • references/google_testing_standards.md - AAA pattern, coverage thresholds, fail-fast validation
  • references/ground_truth_principle.md - Preventing doc/CSV sync issues (critical for test suite integrity)

Assets & Templates

Test case templates and bug report formats:

  • assets/templates/TEST-CASE-TEMPLATE.md - Complete template with CLI and security examples

Scripts

Automation scripts for QA infrastructure:

  • scripts/init_qa_project.py - Initialize QA infrastructure (one command setup)
  • scripts/calculate_metrics.py - Generate quality metrics dashboard

Common Patterns

Pattern 1: Starting Fresh QA

1. python scripts/init_qa_project.py my-app ./
2. Fill in BASELINE-METRICS.md (document current state)
3. Write test cases using assets/templates/TEST-CASE-TEMPLATE.md
4. Copy master prompt from references/master_qa_prompt.md
5. Paste to LLM → autonomous execution begins

Pattern 2: LLM-Driven Testing (Autonomous)

1. Read references/master_qa_prompt.md
2. Copy the single master prompt (one paragraph)
3. Paste to LLM conversation
4. LLM executes all 342 test cases over 5 weeks
5. LLM updates tracking CSVs automatically
6. LLM generates weekly reports automatically

Pattern 3: Adding Security Testing

1. Read references/google_testing_standards.md (OWASP section)
2. Write TC-SEC-XXX test cases for each OWASP threat
3. Target 90% coverage (9/10 threats)
4. Document mitigations in test cases

Pattern 4: Third-Party QA Handoff

1. Ensure all templates populated
2. Verify BASELINE-METRICS.md complete
3. Package tests/docs/ folder
4. Include references/master_qa_prompt.md for autonomous execution
5. QA team can start immediately (Day 1 onboarding → 5 weeks testing)

Success Criteria

This skill is effective when:

  • ✅ Test cases are reproducible by any engineer
  • ✅ Quality gates objectively measured
  • ✅ Bugs fully documented with repro steps
  • ✅ Progress visible in real-time (CSV tracking)
  • ✅ Autonomous execution enabled (LLM can execute full plan)
  • ✅ Third-party QA teams can start testing immediately
how to use qa-expert

How to use qa-expert on Cursor

AI-first code editor with Composer

1

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

  • Cursor installed and configured on your development machine
  • Node.js version 16.0+ with npm package manager (verify with node --version)
  • Active project directory or workspace where you want to add qa-expert
2

Execute installation command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/daymade/claude-code-skills --skill qa-expert

The skills CLI fetches qa-expert from GitHub repository daymade/claude-code-skills and configures it for Cursor.

3

Select Cursor when prompted

The CLI will show a list of available agents. Use arrow keys to navigate and space to select Cursor:

◆ Which agents do you want to install to?
│ ── Universal (.agents/skills) ── always included ────
│ • Amp
│ • Antigravity
│ • Cline
│ • Codex
│ ●Cursor(selected)
│ • Cursor
│ • Windsurf
4

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/qa-expert

Reload or restart Cursor to activate qa-expert. Access the skill through slash commands (e.g., /qa-expert) or your agent's skill management interface.

Security & Verification Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your development environment. Always verify the publisher's identity, review recent commits, and test in isolated environments before production deployment.

Additional Resources

View source code on GitHubSkills CLI documentationLearn more about CursorWhat are agent skills?

List & Monetize Your Skill

Submit your Claude Code skill and start earning

GET_STARTED →

Use Cases

User Story & Requirements Generation

Create detailed user stories, acceptance criteria, and feature specs

Example

Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios

Reduce spec writing time by 50%, ensure comprehensive coverage

Competitive Analysis

Research competitors, compare features, identify gaps

Example

Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities

Complete competitive research in 2 hours instead of 2 days

Roadmap Prioritization

Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs

Example

Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale

Make data-driven prioritization decisions faster

Stakeholder Communication

Draft PRDs, status updates, and stakeholder presentations

Example

Create executive summary of Q3 roadmap, monthly progress report, feature launch announcement

Save 3-5 hours/week on communication overhead

Implementation Guide

Prerequisites

  • Claude Desktop or compatible AI client
  • Access to product documentation and roadmap tools (Jira, Notion, etc.)
  • Understanding of product management frameworks (RICE, Jobs-to-be-Done, etc.)
  • Stakeholder contact information and communication channels

Time Estimate

30-60 minutes to see productivity improvements

Installation Steps

  1. 1.Install product management skill
  2. 2.Start with user story generation for known feature
  3. 3.Progress to competitive analysis: research 2-3 competitors
  4. 4.Use for roadmap prioritization: apply RICE/ICE scoring
  5. 5.Draft stakeholder communications and refine based on feedback
  6. 6.Build template library for recurring PM tasks
  7. 7.Share effective prompts with product team

Common Pitfalls

  • Not validating competitive research—verify facts before sharing
  • Accepting user stories without involving engineering team
  • Over-relying on frameworks without qualitative judgment
  • Not customizing outputs to company culture and communication style
  • Skipping stakeholder validation of generated requirements

Best Practices

✓ Do

  • +Validate research and competitive analysis with real data
  • +Collaborate with engineering when generating technical requirements
  • +Customize frameworks and templates to your company context
  • +Use skill for first drafts, refine with stakeholder input
  • +Document successful prompt patterns for PM tasks
  • +Combine AI efficiency with human judgment and intuition

✗ Don't

  • Don't publish competitive analysis without fact-checking
  • Don't finalize user stories without engineering review
  • Don't make prioritization decisions solely on AI scoring
  • Don't skip customer validation of generated requirements
  • Don't ignore company-specific context and culture

💡 Pro Tips

  • Provide context: company goals, constraints, customer feedback
  • Ask for alternatives: 'Show 3 ways to prioritize this roadmap'
  • Request stakeholder-specific formatting: 'Executive summary vs. engineering spec'
  • Use skill for 70% generation + 30% customization to company needs

When to Use This

✓ Use When

Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work.

✗ Avoid When

Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed.

Learning Path

  1. 1Basic: user stories, feature specs, status updates
  2. 2Intermediate: competitive analysis, prioritization frameworks, PRDs
  3. 3Advanced: product strategy, go-to-market planning, OKR setting
  4. 4Expert: product vision, market positioning, business model innovation

Discussion

Product Hunt–style comments (not star reviews)
  • No comments yet — start the thread.
general reviews

Ratings

4.527 reviews
  • Evelyn Verma· Dec 8, 2024

    Useful defaults in qa-expert — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • Nikhil Shah· Dec 8, 2024

    We added qa-expert from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.

  • Ren Gill· Nov 27, 2024

    qa-expert is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.

  • Camila Malhotra· Nov 27, 2024

    qa-expert fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.

  • Rahul Santra· Nov 11, 2024

    Solid pick for teams standardizing on skills: qa-expert is focused, and the summary matches what you get after install.

  • Michael Srinivasan· Oct 18, 2024

    qa-expert reduced setup friction for our internal harness; good balance of opinion and flexibility.

  • Pratham Ware· Oct 2, 2024

    I recommend qa-expert for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • Emma Huang· Sep 25, 2024

    Useful defaults in qa-expert — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • Sakshi Patil· Sep 5, 2024

    qa-expert fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.

  • Fatima Harris· Sep 1, 2024

    I recommend qa-expert for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

showing 1-10 of 27

1 / 3