703-technologies-fuzzing-testing
Use when you need to add or review fuzz testing for Java APIs with CATS — including contract-driven negative testing, malformed payload validation, boundary input exploration, CI integration, reproducible failures, and local execution guidance. Part of the skills-for-java project
83
78%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/703-technologies-fuzzing-testing/SKILL.mdQuality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly identifies its niche (CATS-based fuzz testing for Java APIs), lists specific concrete capabilities, and opens with an explicit 'Use when' trigger clause. The description is concise yet comprehensive, with excellent trigger terms that match natural developer language. The only minor note is the trailing 'Part of the skills-for-java project' which adds context but isn't strictly necessary for skill selection.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'add or review fuzz testing', 'contract-driven negative testing', 'malformed payload validation', 'boundary input exploration', 'CI integration', 'reproducible failures', and 'local execution guidance'. These are detailed, concrete capabilities. | 3 / 3 |
Completeness | Explicitly answers both what (fuzz testing for Java APIs with CATS, including specific testing types and CI integration) and when ('Use when you need to add or review fuzz testing') with a clear trigger clause at the start. | 3 / 3 |
Trigger Term Quality | Includes strong natural keywords users would say: 'fuzz testing', 'Java APIs', 'CATS', 'negative testing', 'malformed payload', 'boundary input', 'CI integration', 'reproducible failures'. These cover the domain well and match how developers would describe these needs. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive — targets a very specific niche: fuzz testing Java APIs with the CATS tool. The combination of 'CATS', 'fuzz testing', 'Java APIs', and 'contract-driven negative testing' makes it very unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
57%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill is well-structured as an overview with good progressive disclosure and clear constraints, but it lacks actionable content — no CATS commands, no example invocations, no configuration snippets. It essentially serves as a table of contents pointing to a reference file, with the only concrete commands being Maven build/verify steps rather than actual fuzzing instructions.
Suggestions
Add at least one concrete, executable CATS command example (e.g., `cats --contract=openapi.yaml --server=http://localhost:8080`) to make the skill immediately actionable without requiring the reference file.
Include a minimal end-to-end workflow for running CATS locally: start server → run CATS → review report → triage findings, with explicit validation checkpoints.
Remove or condense the 'What is covered' bullet list, which largely duplicates the section headers and reference content without adding value.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill includes some unnecessary enumeration of what's covered (the bullet list under 'What is covered') that largely restates the description and reference content. The constraints section is useful but the overall content could be tighter. | 2 / 3 |
Actionability | The constraints section provides concrete commands (./mvnw compile, mvn clean verify), but the skill itself contains no executable CATS commands, no example invocations, no configuration snippets, and no concrete code. All substantive guidance is deferred to the reference file. | 2 / 3 |
Workflow Clarity | There is a clear sequence in the constraints (compile → apply changes → regenerate → verify) with a stop condition on compilation failure, but there's no explicit validation/feedback loop for the actual fuzzing workflow itself. The fuzz testing process steps are entirely absent from this file. | 2 / 3 |
Progressive Disclosure | The skill provides a clear overview with well-organized sections and a single, clearly signaled reference link for detailed guidance. The structure is appropriate for a skill that delegates depth to one reference file. | 3 / 3 |
Total | 9 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- jabrena/cursor-rules-java
- Commit
81b047f
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.