Agent skill
doc-sectest-autopilot
Automated SECTEST generation and review orchestration for security threat and control validation
Install this agent skill to your Project
npx add-skill https://github.com/vladm3105/aidoc-flow-framework/tree/main/.claude/skills/doc-sectest-autopilot
Metadata
Additional technical details for this skill
- tags: sdd-workflow layer-10-artifact automation-workflow sectest
- custom fields: { "layer": 10, "version": "1.0", "priority": "primary", "last_updated": "2026-02-27", "artifact_type": "SECTEST", "skill_category": "automation-workflow", "development_status": "active", "upstream_artifacts": [ "SYS", "SPEC", "CTR" ], "downstream_artifacts": [ "TASKS" ], "architecture_approaches": [ "ai-agent-based" ] }
- versioning policy: tracks SECTEST-MVP-TEMPLATE schema_version
SKILL.md
doc-sectest-autopilot
Purpose
Automate SECTEST lifecycle for subtype-specific workflows:
- generate SECTEST from upstream context,
- validate and audit outputs,
- hand off to fixer when required.
Input Contract (IPLAN-004 Standard)
- Supported modes:
  - --ref <path>
  - --prompt "<text>"
  - --iplan <path|IPLAN-NNN>
- Precedence: --iplan > --ref > --prompt
- IPLAN resolution order:
  - Use explicit file path when it exists
  - Resolve work_plans/IPLAN-NNN*.md
  - Resolve governance/plans/IPLAN-NNN*.md
  - If multiple matches exist, fail with disambiguation request
- Merge conflict rule:
  - Objective/scope conflicts between primary and supplemental sources are blocking and require user clarification.
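The precedence rule and the IPLAN resolution order above, sketched as an added example (not the skill's own code). The function names, the `AmbiguousIplan` exception, the project-root confinement check and the choice to fail on multiple matches per directory are assumptions made for illustration.

```python
import re
from pathlib import Path

# Search locations from the "IPLAN resolution order", in priority order.
IPLAN_DIRS = ("work_plans", "governance/plans")
PRECEDENCE = ("iplan", "ref", "prompt")  # --iplan > --ref > --prompt


class AmbiguousIplan(Exception):
    """Several plan files matched; the caller must ask the user to disambiguate."""


def primary_input(args: dict) -> tuple:
    """Return (mode, value) for the highest-precedence input mode supplied."""
    for mode in PRECEDENCE:
        if args.get(mode):
            return mode, args[mode]
    raise ValueError("one of --iplan, --ref or --prompt is required")


def resolve_iplan(value: str, root: Path) -> Path:
    """Resolve an --iplan argument to exactly one file under root."""
    root = root.resolve()
    explicit = (root / value).resolve()
    # Assumption: an explicit path is honoured only inside the project root.
    if explicit.is_file() and explicit.is_relative_to(root):
        return explicit
    # Strict ID shape, so the value cannot carry glob or path characters.
    if not re.fullmatch(r"IPLAN-\d+", value):
        raise FileNotFoundError(f"not a file and not an IPLAN id: {value!r}")
    for rel in IPLAN_DIRS:
        matches = sorted((root / rel).glob(f"{value}*.md"))
        if len(matches) > 1:
            names = ", ".join(m.name for m in matches)
            raise AmbiguousIplan(f"{value} matches several plans: {names}")
        if matches:
            return matches[0]
    raise FileNotFoundError(f"no plan found for {value}")
```

Because the pattern is a prefix match, IPLAN-004 also matches a file named IPLAN-0041_x.md, which is one way the disambiguation failure is reached.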
Execution Modes
Generate/Find Mode
Input:
- SECTEST-NN (self type): review existing
- SYS-NN or SPEC-NN: generate if missing, else review existing SECTEST-NN
- optional CTR-NN: include contract-alignment checks when present
Audit/Fix Mode
- Run doc-sectest-audit
- If fail or below threshold, run doc-sectest-fixer
- Re-run audit until pass or max iteration reached
Orchestration Flow
1) Resolve target SECTEST document
2) Generate or load SECTEST
3) Run doc-sectest-audit
4) If needed, run doc-sectest-fixer
5) Re-audit
6) Emit status and next-step recommendation
Naming and Contract Rules
- Primary audit output: SECTEST-NN.A_audit_report_vNNN.md
- Legacy-compatible review output: SECTEST-NN.R_review_report_vNNN.md
- Fix report: SECTEST-NN.F_fix_report_vNNN.md
All reports are stored beside the parent SECTEST in a nested folder.
Document Type Contract (MANDATORY)
When generating SECTEST document instances, the autopilot MUST:
- Read instance_document_type from template:
  - Source: ai_dev_ssd_flow/10_TSPEC/SECTEST/SECTEST-MVP-TEMPLATE.yaml
  - Field: metadata.instance_document_type: "sectest-document"
- Set document_type in generated document frontmatter:

```yaml
custom_fields:
  document_type: sectest-document  # NOT "template"
  artifact_type: SECTEST
  layer: 10
  test_type_code: 45
```

- Validation: Generated documents MUST have document_type: sectest-document
  - Templates have document_type: template
  - Instances have document_type: sectest-document
  - Schema validates both values
Error Handling: If instance_document_type is missing from template, default to sectest-document.
Canonical References
- ai_dev_ssd_flow/10_TSPEC/SECTEST/SECTEST-MVP-TEMPLATE.md
- ai_dev_ssd_flow/10_TSPEC/SECTEST/SECTEST_MVP_SCHEMA.yaml
- ai_dev_ssd_flow/10_TSPEC/scripts/validate_sectest.py
Safety Constraints
- Security tests must run in isolated environments only.
- Never run security tests against production systems.
- Unsafe guidance markers (against production, exploit execution, offensive payload execution) are disallowed.
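A content lint for the three disallowed markers, as an added example rather than the project's validator. The prohibition heuristic is an assumption introduced here because the skill's own constraint "Never run security tests against production systems" contains one of the markers; the function names and the sample text are constructed.

```python
import re

# The three markers the Safety Constraints list as disallowed.
UNSAFE_MARKERS = (
    "against production",
    "exploit execution",
    "offensive payload execution",
)

# Assumption (not from the skill): a line that states a prohibition may quote
# a marker. Such hits are still reported so a reviewer can confirm them.
PROHIBITION = re.compile(r"\b(never|must not|do not|disallowed|prohibited)\b", re.I)


def scan_markers(text: str) -> list:
    """Return (line_no, marker, is_prohibition) for every marker hit."""
    hits = []
    for no, line in enumerate(text.splitlines(), start=1):
        # Lower-case and collapse whitespace so spacing and case cannot hide a marker.
        folded = " ".join(line.lower().split())
        for marker in UNSAFE_MARKERS:
            if marker in folded:
                hits.append((no, marker, bool(PROHIBITION.search(line))))
    return hits


def blocking_hits(text: str) -> list:
    """Hits that fail the gate: marker present on a line that is not a prohibition."""
    return [(no, m) for no, m, prohibited in scan_markers(text) if not prohibited]


# Constructed sample, not a real SECTEST document.
SAMPLE = """\
## Safety
Never run security tests against production systems.
## Scenario 3
Run the scan   against  Production after the release window.
Validate the control in the isolated staging environment.
"""
```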
Coexistence Rules with doc-tspec-autopilot
Use doc-sectest-autopilot when SECTEST-only scope is required.
Route to doc-tspec-autopilot when cross-subtype orchestration is required.
Fallback:
- If unresolved subtype blockers persist, escalate to doc-tspec-autopilot while preserving report compatibility (.A_ preferred, .R_ legacy).
Example Invocations
/doc-sectest-autopilot SECTEST-01
/doc-sectest-autopilot SYS-01
/doc-sectest-autopilot SPEC-01
/doc-sectest-autopilot CTR-01
Quality Gate
Pass when:
- SECTEST structure matches 6-section contract,
- required tags are complete,
- security categories, threat scenarios, and control checks are represented,
- safety constraints are explicitly preserved,
- audit status is PASS and score meets configured threshold.
Related Skills
- doc-sectest
- doc-sectest-validator
- doc-sectest-reviewer
- doc-sectest-fixer
- doc-sectest-audit
- doc-tspec-autopilot (fallback for mixed subtype workflows)
Version History
| Version | Date | Changes |
|---|---|---|
| 1.0 | 2026-02-27 | Initial SECTEST autopilot skill with generate/find plus audit-fix orchestration, explicit input contract, and safety constraints |