Skip to main content
Testing automation · commands · 18 picks

Claude Code testing automation

Commands, hooks, and skills for generating tests, running checks, enforcing TDD loops, and keeping Claude Code changes verifiable.

Curated by @heyclaude-editors Updated 2026-07-18

Commands, hooks, and skills for generating tests, running checks, enforcing TDD loops, and keeping Claude Code changes verifiable.

Compared at a glance

The top 5 picks side by side on trust, install, platform support, and disclosed notes — full rationale for each below.

3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).

Next steps differ across picks — use the actions in the table below to copy install commands and source links per resource.

Field

A user-created custom slash command that runs a red-green-refactor TDD loop in Claude Code: write failing tests first, implement until they pass, then refactor. Built with the documented custom-command frontmatter and $ARGUMENTS substitution, not a built-in feature.

Open dossier

Community slash command runbook for adding minimal automated tests around a changed module: inspect the git diff, mirror repository test conventions, and draft focused unit or integration tests using Anthropic develop-tests guidance.

Open dossier

Write and maintain reliable end-to-end tests with Playwright — Microsoft's browser automation library that auto-waits for actionable elements and runs the same suite against Chromium, Firefox, and WebKit.

Open dossier

A user-created custom slash command for Claude Code that turns a file or function into a test suite. You create .claude/commands/generate-tests.md and invoke it with /generate-tests; it is a prompt recipe, not a built-in command, and uses no CLI flags.

Open dossier

Build intelligent CI/CD pipelines with GitHub Actions, AI-assisted workflow generation, automated testing, and deployment orchestration.

Open dossier
Next stepsDiffers
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustDiffersPackage not verifiedPackage not verifiedPackage verified2025-10-16Package not verifiedPackage verified2025-10-16
Source provenanceDiffersSource-backedSubmission linkedSource submissionNo submission linkSource-backedNo submission link
SubmitterDifferskiannidev
Install riskReview firstReview firstLow riskReview firstLow risk
Notes Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓
BrandGitHub logoGitHub
Categorycommandscommandsskillscommandsskills
SourceSource-backedSource-backedFirst-partySource-backedFirst-party
AuthorJSONboredkiannidevJSONboredJSONboredJSONbored
Added2025-10-252026-06-162025-10-162025-09-162025-10-16
Platforms
Harness
Source repo
Safety notesThe base recipe does not pre-approve Bash commands. Review the project's test scripts first, then approve the exact test command when Claude Code prompts or add a narrowly scoped command only after you trust it. Claude may create and edit test and source files as part of the loop (Read/Edit/Write). Run it in version control so changes are reviewable and reversible. If you extend the prompt with auto-commit or deploy steps, add explicit safety review; the base recipe does not commit or push.Generated tests are drafts; run the project's test command locally before committing. Do not add network calls, production credentials, or destructive setup to proposed tests.`npx playwright install --with-deps` downloads browser binaries (~500 MB for Chromium, Firefox, and WebKit) from Playwright's CDN and on Linux installs system-level packages. Review your network and environment policies before running in restricted infrastructure. Generated tests have full browser-level access to any URL they target. Review test scripts before running them against authenticated sessions or production environments — Playwright can submit forms, click buttons, and make network requests as a real user.The recipe asks Claude to run the test suite, which executes project code and test commands locally; review the source and tests before running, especially in an unfamiliar repository. If you add an allowed-tools field (e.g. Bash(npm test:*)), Claude can run those tool calls without a per-use permission prompt while the command is active. Scope it narrowly. Project-level .claude/commands files are shared via git and run for anyone who trusts the workspace; treat a checked-in command as executable content and review it before trusting the repo.Setup downloads and unzips a package, and generated workflows run build/test/deploy commands in CI with repository permissions; review workflow YAML and least-privilege the GITHUB_TOKEN before merging.
Privacy notesThe command body can read project files via @ references and !`command` injection if you add them; only reference files you are comfortable sending to the model as prompt context. The base recipe asks you to inspect project test scripts instead of injecting package.json automatically.Use synthetic fixtures only; do not copy production logs or customer records into tests.Playwright runs entirely on your local machine. Traces, screenshots, and HTML test reports are written to local disk only and are not uploaded to Microsoft or any external service. Trace files and failure screenshots may capture sensitive content from the application under test (form data, rendered PII, session tokens visible in URLs). Store and rotate these files appropriately.Dynamic-injection lines (!`...`) and @file references send the output of shell commands and the contents of referenced files into the model context; avoid pointing them at files containing secrets, credentials, or other sensitive data.CI workflows read repository code and use secrets (API keys, deploy credentials, model keys); store them in GitHub Actions secrets, never in workflow files or logs, and review what third-party actions can access.
Prerequisites— none listed
  • Git repository with an existing test runner configured in package scripts or docs.
  • A concrete code change or diff hunk to cover with new or updated tests.
  • Node.js 18+
  • Playwright 1.40+ with the @playwright/test package
  • Browser binaries installed via `npx playwright install` (Chromium, Firefox, WebKit)
  • A web application accessible for testing (local dev server, staging, or production URL)
— none listed
  • GitHub repository with Actions enabled
  • Test suite (Vitest, Jest, Playwright)
  • Deployment target (Vercel, AWS, GCP, etc.)
  • GitHub account with repository access and Actions enabled (free tier includes 2,000 minutes/month)
Install
/targeted-test-generation <file-or-symbol>
npx playwright install --with-deps
curl -L https://heyclau.de/downloads/skills/github-actions-ai-cicd.zip -o github-actions-ai-cicd.zip && unzip -o github-actions-ai-cicd.zip -d ./github-actions-ai-cicd
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool
  1. 01
    Why it made the cut

    TDD Workflow Custom Command for Claude Code is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  2. 02
    Why it made the cut

    /targeted-test-generation - Targeted Test Generation Runbook is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  3. 03
  4. 04
    Why it made the cut

    Generate Tests Custom Command is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  5. 05
    Why it made the cut

    GitHub Actions AI-Powered CI/CD Automation Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  6. 06
    Why it made the cut

    Playwright MCP Browser Automation Engineer Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  7. 07
    Why it made the cut

    Google Workspace Gemini Automation Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  8. 08
    Why it made the cut

    Code Test Runner Hook - Hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  9. 09
    Why it made the cut

    Git Pre Commit Validator - Hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  10. 10
    Why it made the cut

    Test Coverage Final Report - Hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  11. 11
    Why it made the cut

    Codex Automations Orchestrator Capability Pack Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  12. 12
    Why it made the cut

    MCP Tool Contract Testing Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  13. 13
    Why it made the cut

    n8n Production Security Capability Pack Skill is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.

  14. 14
    Why it made the cut

    /test-advanced - Advanced Test Planning Custom Command is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  15. 15
    Why it made the cut

    Jest Snapshot Auto Updater - Hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  16. 16
    Why it made the cut

    Playwright Test Runner - Hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  17. 17
    Why it made the cut

    React Test Generator is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

  18. 18
    Why it made the cut

    Test Runner Hook - Hooks is included because it has safety notes present, privacy notes present, source-backed source posture.

    Reach for instead

    If this will touch credentials, local files, or production systems, inspect the upstream source first.

Missing a pick? Propose an edit to this list — every change goes through the same review queue as new entries.

Suggest a pick
Weekly · Sundays

Get the weekly brief

One calm read on Claude workflows. Sundays. No tracking pixels.

Unsubscribe any time. No tracking pixels. No partner blasts.