703-technologies-fuzzing-testing

Use when you need to add or review fuzz testing for Java APIs with CATS — including contract-driven negative testing, malformed payload validation, boundary input exploration, CI integration, reproducible failures, and local execution guidance. This should trigger for requests such as Add fuzz testing to a Java project; Use CATS for API negative testing; Review CI quality gates for API contract robustness; Improve boundary and malformed input test coverage. Part of cursor-rules-java project

Quality

75%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/703-technologies-fuzzing-testing/SKILL.md

Quality

Content

50%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill provides a reasonable structural framework for CATS-based fuzz testing with clear constraints and a logical workflow, but it lacks concrete, executable examples of CATS usage in the body itself. It heavily defers to a reference file for all substantive guidance, making the SKILL.md feel like a thin wrapper rather than a self-contained overview with progressive disclosure. The workflow steps are too generic to be immediately actionable without reading the reference.

Suggestions

Add at least one concrete, executable CATS command example in the skill body (e.g., `java -jar cats/cats.jar --contract=openapi.yaml --server=http://localhost:8080`) so the skill is actionable without reading the reference.

Make workflow steps CATS-specific rather than generic — e.g., step 3 should show what artifacts to create/modify (CI pipeline config, CATS config file, etc.) with concrete examples.

Consolidate the 'What is covered' bullets and 'When to use' section to reduce redundancy and improve conciseness.

Add a brief feedback loop in the workflow for handling CATS findings — e.g., 'If CATS reports failures, triage by severity, fix validation gaps, re-run CATS to confirm resolution.'

Dimension	Reasoning	Score
Conciseness	The skill includes some unnecessary verbosity — the 'What is covered' bullet list largely restates the 'When to use' section and the description. The constraints section is reasonably tight but could be more concise. The introductory sentence explains what CATS does, which is borderline unnecessary for Claude.	2 / 3
Actionability	The skill provides specific commands (./mvnw compile, mvn clean verify) and references a detailed guide, but lacks any concrete executable examples of CATS usage — no actual CATS commands, no sample configurations, no example invocations. The core task (fuzz testing with CATS) has no copy-paste-ready guidance in the skill itself.	2 / 3
Workflow Clarity	The workflow has four numbered steps with a logical sequence, and the constraints include validation checkpoints (compile before, verify after). However, the workflow steps are generic ('apply technology-aligned changes', 'gather scope') rather than specific to CATS fuzzing. There's no explicit feedback loop for handling fuzzing failures or triaging results within the workflow itself.	2 / 3
Progressive Disclosure	The skill correctly references a single detailed file (references/703-technologies-fuzzing-testing.md) for deeper content, which is good one-level-deep disclosure. However, since no bundle files were provided, we cannot verify the reference exists or assess its quality. The skill itself is somewhat thin — it defers almost all actionable content to the reference, making the SKILL.md more of a pointer than a useful overview.	2 / 3
	Total	8 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong skill description that clearly defines its scope around CATS-based fuzz testing for Java APIs. It excels in completeness by providing both a 'Use when' clause and explicit trigger examples, and its specificity in listing concrete capabilities like contract-driven negative testing and CI integration is excellent. The description is distinctive enough to avoid conflicts with general testing or Java development skills.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: contract-driven negative testing, malformed payload validation, boundary input exploration, CI integration, reproducible failures, and local execution guidance. These are clearly defined capabilities.	3 / 3
Completeness	Clearly answers both 'what' (contract-driven negative testing, malformed payload validation, boundary input exploration, CI integration, reproducible failures, local execution guidance) and 'when' with an explicit 'Use when...' clause and concrete trigger examples like 'Add fuzz testing to a Java project'.	3 / 3
Trigger Term Quality	Includes strong natural trigger terms users would say: 'fuzz testing', 'Java', 'CATS', 'API negative testing', 'CI quality gates', 'boundary', 'malformed input', 'test coverage'. The explicit trigger examples ('Add fuzz testing to a Java project', 'Use CATS for API negative testing') closely match real user requests.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive with a clear niche: CATS-based fuzz testing for Java APIs. The combination of the specific tool (CATS), the technique (fuzz testing/negative testing), and the language (Java) makes it very unlikely to conflict with other skills.	3 / 3
	Total	12 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: jabrena/cursor-rules-java
Commit: c9e3891

Reviewed: 3 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.