adversarial-tester
Use after completing implementation to find unknown failure modes. Reads implementation diff and writes up to 5 tests designed to make it break. Triggers on 'break it', 'adversarial test', 'stress test implementation', 'find weaknesses', or any task seeking to expose unknown failure modes.
Best use case
adversarial-tester is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use after completing implementation to find unknown failure modes. Reads implementation diff and writes up to 5 tests designed to make it break. Triggers on 'break it', 'adversarial test', 'stress test implementation', 'find weaknesses', or any task seeking to expose unknown failure modes.
Teams using adversarial-tester should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/adversarial-tester/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How adversarial-tester Compares
| Feature / Agent | adversarial-tester | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use after completing implementation to find unknown failure modes. Reads implementation diff and writes up to 5 tests designed to make it break. Triggers on 'break it', 'adversarial test', 'stress test implementation', 'find weaknesses', or any task seeking to expose unknown failure modes.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Adversarial Tester Read completed implementation and write up to 5 tests designed to make it break. Targets edge cases, boundary conditions, and failure modes the implementer didn't anticipate. **Announce at start:** "I'm using the adversarial-tester skill to find weaknesses in this implementation." **Skill type:** Rigid -- follow exactly, no shortcuts. **Model:** Opus (adversarial reasoning about failure modes requires creative analytical thinking) <!-- CANONICAL: shared/dispatch-convention.md --> All subagent dispatches use disk-mediated dispatch. See `shared/dispatch-convention.md` for the full protocol. ## Distinction from Related Skills | Agent | Question | Output | Scope | |-------|----------|--------|-------| | Red-team | "What's wrong with this artifact?" | Written findings (Fatal/Significant/Minor) | Attacks designs, plans, code quality | | Test Gap Writer | "What known gaps need filling?" | Executable tests (expected to PASS) | Fills reviewer-identified holes | | Adversarial Tester | "What runtime behavior will break?" | Executable tests (may PASS or FAIL) | Finds unknown weaknesses in behavior | ## Process ### Step 1: Read the Implementation Read the full diff of the implementation changes. Identify: - Public APIs and method signatures - State transitions and mutations - Boundary conditions (min/max values, empty collections, null inputs) - Error paths and exception handling - Assumptions made by the implementer ### Step 2: Generate Candidate Failure Modes Brainstorm 8-10 ways the implementation could break at runtime. Think like an attacker: - What inputs would cause unexpected behavior? - What state combinations weren't considered? - What happens at boundaries (zero, negative, overflow, empty)? - What concurrent or ordering scenarios could fail? - What dependencies could be missing or misconfigured? ### Step 3: Rank and Select Rank each candidate by: - **Likelihood:** How easily triggered in normal use (High/Medium/Low) - **Impact:** Severity of consequence if triggered (High/Medium/Low) Select the top 5. If fewer than 5 candidates are meaningful, write fewer -- don't pad with trivial tests. ### Step 4: Write Tests For each selected failure mode, write one focused test that: - Tests observable behavior, not implementation details - Follows project test conventions (naming, framework, AAA pattern) - Is independent -- runs in isolation, no shared mutable state - Includes a brief comment explaining the attack vector ### Step 5: Run and Record Run each test and record the result: - **PASS** -- Implementation handles this failure mode correctly - **FAIL** -- Weakness found; the implementation breaks under this condition - **ERROR** -- Test itself is broken (compilation error, setup failure) ### Step 6: Report Output the ADVERSARIAL TEST REPORT (see Report Format below). ## Report Format ``` ## ADVERSARIAL TEST REPORT ### Summary - Failure modes identified: N - Tests written: N - Tests PASSING (implementation robust): N - Tests FAILING (weaknesses found): N - Tests ERROR (discarded): N ### Failure Mode 1: [Title] - **Attack vector:** [how this breaks] - **Likelihood:** High/Medium/Low - **Impact:** High/Medium/Low - **Test:** `TestClassName.TestMethodName` - **Result:** PASS/FAIL - **If FAIL -- fix guidance:** [what the implementer should change] [repeat for each failure mode] ``` ## Guardrails **Must NOT do:** - Modify production code - Write more than 5 tests - Refactor or "improve" existing tests - Test implementation details (only test observable behavior) - Duplicate coverage already provided by existing tests ## Outcome Handling When used standalone, after running the tests: - **All PASS:** Report results. Implementation is robust against identified failure modes. - **Some FAIL:** Report results with fix guidance. If continuing to fix, follow TDD discipline. - **All ERROR:** Report that tests couldn't be written correctly. Review test setup. When used within the build pipeline, the orchestrator handles outcome routing (see build skill Phase 3). ## Skip Condition The **orchestrator** (not this skill) decides whether to skip. When used standalone, use your judgment: - Skip if the changes are pure config, documentation, or scaffolding with no behavioral logic - If borderline, run the process -- you can report "No behavioral logic to attack" if the diff genuinely has nothing to test ## Build Pipeline Integration When dispatched by the build pipeline: **Fix loop mechanics:** - All tests PASS -> log and proceed to task complete - Some tests FAIL -> implementer fixes, re-run all tests (including adversarial). If pass -> done. If fail -> one more attempt, then escalate - Tests ERROR -> discard broken tests, log, proceed to task complete - Quality bypass prevention: if implementer's fix touches 3+ files -> lightweight code review before completing **Orchestrator skip conditions:** - Task diff contains no behavioral source files (only `.md`, `.json`, `.yaml`, `.uss`, `.uxml`) - No tests were written during implementation (pure scaffolding) ## Quality Gate This skill produces **adversarial tests**. When used standalone, the tests themselves are the quality mechanism -- no additional quality gate needed. When used within the build pipeline, the orchestrator handles outcome routing. ## Integration - **Called by:** `crucible:build` (Phase 3, after test gap writer) - **Uses:** `crucible:test-driven-development` patterns for test writing - **Pairs with:** `crucible:temper` (lightweight review if fix touches 3+ files) - **Prompt template:** `break-it-prompt.md` (for subagent dispatch)