qa-process
Test process + methodology: 19 skills + 7 agents covering risk-based testing, DoD, test strategy, blameless post-mortems, release readiness, smoke gating, pyramid analysis, TDD coaching, E2E budgets.
Install this plugin
/plugin install qa-process@testland-qaPart of role bundles: qa-starter, qa-role-manual-tester, qa-role-leadership
qa-process
Test process + methodology - risk-based testing matrix + storming, Definition of Done, test strategy authoring, blameless post-mortems, release readiness gates, smoke-suite gating, test-pyramid analysis, TDD coaching for stuck patterns, E2E suite budgets, and test-case ideation from user stories.
Components
| Type | Name | Description |
|---|---|---|
| Skill | definition-of-done | Pure-reference + checklist-generator for the team's Definition of Done (DoD) - explains the Scrum Guide's DoD definition ("a formal desc... |
| Skill | e2e-suite-budget | Build-an-X workflow that caps the E2E suite size by computing flakiness ROI per test - for each E2E test, computes (regressions caught ×... |
| Skill | framework-choice-advisor | Pure reference catalog for picking a test automation framework - covers Playwright / Cypress / Selenium / WebdriverIO / Appium / Espresso... |
| Skill | heuristic-test-design-coach | Reference catalog of the four canonical heuristic test-design models - Bach's Heuristic Test Strategy Model (HTSM) with SFDPOT product el... |
| Skill | post-mortem-author | Build-an-X workflow that produces a blameless post-mortem from an incident - captures the timeline (chronological event sequence with sou... |
| Skill | product-risk-register-builder | Build-an-X workflow that produces a product-level risk register catalogue - per-feature / per-component product risks (functionality, per... |
| Skill | project-risk-register-builder | Build-an-X workflow that produces a project-level risk register - risks tied to the project execution (schedule slippage, environment ins... |
| Skill | qa-okr-author | Build-an-X workflow that drafts a QA team's quarterly OKR set - one to three Objectives, each with 3 - 5 measurable Key Results - from th... |
| Skill | qa-vendor-evaluator | Build-an-X workflow that produces a side-by-side commercial-vendor evaluation matrix for QA tools - test-management platforms (TestRa... |
| Skill | risk-acceptance-decision-author | Build-an-X workflow that produces a structured risk-acceptance decision document - for risks the team has decided to accept (rather than... |
| Skill | risk-coverage-mapper | Build-an-X workflow that produces a risk-to-test-coverage matrix - maps each risk in the product/release register to the tests / cases /... |
| Skill | risk-matrix | Build-an-X workflow that produces a per-feature / per-release risk matrix - captures risks via a structured intake (feature → category →... |
| Skill | risk-storming-facilitator | Build-an-X workflow for a risk-storming session - collaborative risk identification meeting where engineers brainstorm "what could go wr... |
| Skill | smoke-suite-gate | Build-an-X workflow for a critical-path smoke suite that runs in <5 minutes - picks the 5-15 highest-business-value journeys (login, hero... |
| Skill | tdd-stuck-pattern-resolver | Pattern catalog for "I can't write the test first" moments - recognizes the common testability blockers (singletons / static dependenci... |
| Skill | test-case-from-live-feature | Build-an-X workflow that produces a test-case matrix from a live, undocumented feature - running app at a URL, screen recording, scre... |
| Skill | test-case-ideation-from-story | Takes a user story or feature spec and emits a markdown test-case matrix - one row per case (id, title, precondition, steps, expected, ti... |
| Skill | test-pyramid-balancer | Build-an-X workflow that analyzes a repo's test mix (unit / integration / E2E counts + runtimes) and recommends rebalancing toward Cohn's... |
| Skill | test-strategy-author | Build-an-X workflow that produces a test strategy document for a project / release / feature - covers scope, in/out, test types per layer... |
| Agent | release-readiness-checker | Builder/scaffolder agent that runs a configurable gate suite before a release - reads release-readiness.yml (which defines the gates: s... |
| Agent | risk-assessment-critic | Adversarial agent that audits a risk register (product or release) for assessment quality. |
| Agent | risk-based-test-planner | Action-taking strategic planner - given a feature scope or change initiative + the risk matrix, applies risk-based prioritization to choo... |
| Agent | risk-based-test-selector | Action-taking agent that picks the subset of tests to run for a specific change set, weighted by the risk matrix - reads the PR's diff, i... |
| Agent | risk-matrix-recommender | Read-only specialist that ingests an existing risk matrix (per risk-matrix) plus historical CI + defect data and recommends data-inform... |
| Agent | risk-storming-session-runner | Action-taking orchestrator that runs a three-amigos risk-storming session end to end - structured prompts drive collaborative risk identi... |
| Agent | test-case-quality-auditor | Adversarial reviewer for test cases (not test code) - reads a TestRail / Qase / Xray export (CSV / JSON / API) or a markdown matrix p... |
Install
/plugin marketplace add testland/qa
/plugin install qa-process@testland-qaSkills
definition-of-done
Pure-reference + checklist-generator for the team's Definition of Done (DoD) - explains the Scrum Guide's DoD definition ("a formal description of the state of the Increment when it meets the quality measures required for the product"), proposes a starter DoD with the 7-10 lines most teams need (code reviewed, unit tests, docs, AC met, deployed to staging, smoke passed, no a11y regressions, telemetry wired, observability in place), and emits a per-PR checklist `quality-coach` enforces. Use when the team doesn't have a DoD or wants to revise theirs.
e2e-suite-budget
Build-an-X workflow that caps the E2E suite size by computing flakiness ROI per test - for each E2E test, computes (regressions caught × value) ÷ (runtime × flake rate × maintenance cost), ranks all tests by ROI, identifies the bottom decile (low ROI = high cost / low signal), and recommends specific tests to retire / move to lower layer / fix flake. Use quarterly to keep E2E count from growing past the team's maintenance capacity.
framework-choice-advisor
Pure reference catalog for picking a test automation framework - covers Playwright / Cypress / Selenium / WebdriverIO / Appium / Espresso / XCUITest / RestAssured / Karate / k6 / Locust with side-by-side tradeoffs on speed, cross-browser, mobile, parallelisation, language support, ecosystem maturity, CI integration; a decision tree for matching project NFRs to framework choice; and reference directory / fixture / CI layouts for the chosen stack. Distinct from the per-framework skills (`playwright-testing`, `cypress-testing`, etc.) which document configuration once a framework is chosen - this skill is the **upstream selection step**. Distinct from `test-pyramid-balancer` (which tunes the layer mix for an existing suite). Use when starting a new test-automation suite from scratch, before installing any tool.
heuristic-test-design-coach
Reference catalog of the four canonical heuristic test-design models - Bach's Heuristic Test Strategy Model (HTSM) with SFDPOT product elements, Whittaker's 'How to Break Software' attack patterns, Bolton's FEW HICCUPPS consistency oracles, and the ISO/IEC 25010 quality characteristics - for use when the tester has no user story, no acceptance criteria, and no documentation. Distinct from `test-case-ideation-from-story` (which works from a written story) and from `exploratory-charter-author` (which produces session charters, not case sets). Use as the reference layer that `test-case-from-live-feature` and `exploratory-charter-author` cite when generating coverage from zero documented input.
post-mortem-author
Build-an-X workflow that produces a blameless post-mortem from an incident - captures the timeline (chronological event sequence with sources), root cause analysis (what + why, not who), impact (users / revenue / SLO debt), action items (with owners + due dates + measurable success criteria), and "what went well" (intentional). Per Google SRE: "Blameless postmortems are a tenet of SRE culture." Use after every user-visible incident, not just severe ones.
product-risk-register-builder
Build-an-X workflow that produces a product-level risk register catalogue - per-feature / per-component product risks (functionality, performance, security, usability, compatibility, reliability) that persist across releases, distinct from per-release risk matrices. Walks the author through risk identification by ISO 25010 quality characteristic, scoring per impact × likelihood, and linking each register entry to mitigations + owners + review cadence. Output is a Markdown register the team reviews quarterly and that seeds release-level risk matrices. Use for long-lived product-quality risks; complements risk-matrix for per-release risks.
project-risk-register-builder
Build-an-X workflow that produces a project-level risk register - risks tied to the project execution (schedule slippage, environment instability, people / staffing, vendor / dependency, scope creep) rather than the product itself. Walks the author through ISO 31000-aligned identification, impact × likelihood scoring, mitigation strategies (avoid / mitigate / transfer / accept), and ownership. Output is a register the project manager reviews weekly. Use for project / release execution risks; complements product-risk-register-builder (product-quality risks) and risk-matrix (per-release product risks).
qa-okr-author
Build-an-X workflow that drafts a QA team's quarterly OKR set - one to three Objectives, each with 3 - 5 measurable Key Results - from the team's current state (risk matrix, defect-trend narrative, test-run history, test-pyramid balance, compliance coverage). Every numeric target cites its source artifact (e.g., `defect-trend-narrator` 2026-Q1 escape rate). QA-specific by design - generic OKR generators (Tability, Asana, ClickUp) don't know test metrics; the differentiation is the domain. Distinct from `test-strategy-author` (which authors the strategy doc) and from `risk-matrix-recommender` (which calibrates risk inputs). Use at the start of each quarter to draft the OKR set the manager edits and the team commits to.
qa-vendor-evaluator
Build-an-X workflow that produces a side-by-side **commercial-vendor** evaluation matrix for QA tools - test-management platforms (TestRail / Qase / Xray / Zephyr / TestCollab), no-code platforms (mabl / Testim / Functionize / TestSigma / Reflect), visual regression services (Applitools / Percy / Chromatic), and commercial AI copilots - scoring each on capability fit, cost model, integration depth, vendor lock-in risk, exit cost, contractual posture, and customer-reference data. Distinct from `framework-choice-advisor` which evaluates **open-source code-first frameworks** (different axis: architecture, no contract / lock-in / exit-cost dimension). Use for commercial procurement decisions only - refuses to recommend a winner; the team owns the procurement choice.
risk-acceptance-decision-author
Build-an-X workflow that produces a structured risk-acceptance decision document - for risks the team has decided to accept (rather than mitigate / transfer / avoid). Walks the author through the ISO 31000 risk-acceptance criteria (rationale, sign-off, scope, review trigger, exit conditions), captures stakeholder approval, and links to the originating risk register entry. Output is a Markdown decision artefact that lives alongside the risk register and provides audit-defensible justification for the team's acceptance choice.
risk-coverage-mapper
Build-an-X workflow that produces a risk-to-test-coverage matrix - maps each risk in the product/release register to the tests / cases / monitoring that mitigate it. Walks the author through ingesting risks (from risk-matrix / product-risk-register-builder), inventorying test coverage (test cases via traceability-matrix-builder, automated tests via repo scan, production monitoring via observability dashboards), and computing per-risk coverage depth + identifying orphan risks (no coverage) + orphan tests (not linked to risks). Output is a Markdown matrix + executive summary.
risk-matrix
Produces the per-feature / per-release risk-matrix artifact (not the facilitation session - see `risk-storming-facilitator` for running the live meeting). Captures risks via a structured intake (feature, category, impact 1-5 by likelihood 1-5, score), tracks mitigations plus owners plus due dates, supports both lightweight (impact by likelihood) and heavyweight (FMEA / Cost of Exposure) methods per RBT canon. Output is a Markdown / spreadsheet artifact the team reviews per sprint and that drives test prioritization, consumed by `risk-based-test-selector` and `risk-based-test-planner`. Does not recommend which methodology to use: for data-driven score calibration against historical defect data use `risk-matrix-recommender`. For a cross-release living register of high-risk areas spanning services, use `product-risk-register-builder`. Use when building the per-release matrix artifact itself.
risk-storming-facilitator
Reference guide for planning and facilitating a risk-storming session yourself - covers meeting structure, participant roster, per-category brainstorm prompts (categories drawn from `risk-matrix`), affinity grouping, impact by likelihood scoring, and mitigation assignment. Static reference only, not an active runner: distinct from `risk-storming-session-runner` (an agent that interactively runs the session and writes the matrix file), and distinct from `risk-matrix` (the artifact itself). Use when you want to understand or teach the facilitation pattern, or run the session at feature-kickoff time without agent assistance.
smoke-suite-gate
Build-an-X workflow for a critical-path smoke suite that runs in <5 minutes - picks the 5-15 highest-business-value journeys (login, hero flow, checkout, payment, primary read), implements as fast E2E or API tests, gates per-deploy, retries on transient failures with quarantine. Use as the canary-precursor or per-deploy verification gate; the team's "if this fails, the build can't proceed" floor.
tdd-stuck-pattern-resolver
Pattern catalog for "I can't write the test first" moments - recognizes the common testability blockers (singletons / static dependencies, network in constructors, time / random as hidden inputs, deeply nested constructions, untestable boundaries) and proposes specific refactors that make TDD viable (extract interface, dependency injection, seam, ports-and-adapters). Use as TDD coaching for engineers stuck on a specific class of code.
test-case-from-live-feature
Build-an-X workflow that produces a test-case matrix from a **live, undocumented feature** - running app at a URL, screen recording, screenshot, or verbal brief - by combining structured exploration (Playwright trace / DevTools / accessibility tree) with the heuristic models in `heuristic-test-design-coach` (SFDPOT, Whittaker attacks, FEW HICCUPPS, ISO 25010). Distinct from `test-case-ideation-from-story` (which requires a written story / AC) and from `exploratory-charter-author` (which produces a session charter, not a structured matrix). Use when there is no story, no AC, and no documentation - only a live feature.
test-case-ideation-from-story
Takes a user story or feature spec and emits a markdown test-case matrix - one row per case (id, title, precondition, steps, expected, tier) covering happy path, alternate paths, boundaries, and negative paths - before any test code is written. Output is the human-reviewable matrix that goes into TestRail / Qase / Xray. Distinct from `gherkin-from-stories` (which assumes the AC layer is already locked and emits Gherkin) and from `ai-test-generator` (which emits executable code, not a case matrix). Use as the first artifact a manual tester or three-amigos session produces from a story, ahead of automation.
test-pyramid-balancer
Build-an-X workflow that analyzes a repo's test mix (unit / integration / E2E counts + runtimes) and recommends rebalancing toward Cohn's pyramid ratios per the change-set shape - pure-logic-heavy repo wants ~80/15/5; UI-heavy repo wants ~60/25/15. Detects "ice-cream cone" (E2E-heavy) and "hourglass" (integration-thin) anti-patterns. Use quarterly to keep the test mix calibrated to the codebase reality.
test-strategy-author
Build-an-X workflow that produces a test strategy document for a project / release / feature - covers scope, in/out, test types per layer (unit / integration / contract / E2E / perf / security / a11y), risk-based prioritization mapping (per `risk-matrix`), tooling stack, environments, exit criteria, ownership. Use as the artifact stakeholders sign off on before significant test investment, and the reference engineering teams come back to when scope / quality questions arise.
Agents
release-readiness-checker
Orchestrates a configurable multi-gate suite before a release and emits a single go / no-go verdict with per-gate evidence. Reads `release-readiness.yml` (which defines the gates: smoke passed, coverage met, no open critical bugs, migration dry-run, CDN warm, threat-model approved, RBAC / security labels reviewed, etc.), executes each gate, and aggregates the verdicts. Use when the question is "are ALL release conditions met?" - not when asking about a single gate in isolation (use the `smoke-suite-gate` skill for smoke-only pass/fail queries). Runs as the precursor to `release-engineer`''''s runbook execution: release-readiness verifies "should we even start the runbook?" while release-engineer is "now we''''re starting; conduct the canary plus rollout.
risk-assessment-critic
Adversarial agent that audits a risk register (product or release) for assessment quality. Checks: every risk has both impact AND likelihood scored independently (not auto-equated), scores are justified (not gut-feel), all 4 ISO 31000 strategies considered before Accept is chosen, mitigations link to test coverage (via risk-coverage-mapper) or to a documented decision (via risk-acceptance-decision-author), critical risks (score ≥15) have escalation evidence, and the register has been reviewed within its cadence (quarterly for product, weekly for project). Use as a hygiene gate before release planning or quarterly review.
risk-based-test-planner
Action-taking strategic planner - given a feature scope or change initiative + the risk matrix, applies risk-based prioritization to choose what to test deeply, what to skip, and where to allocate manual / automated / chaos / load test investment. Distinct from `risk-based-test-selector` (per-PR tactical) - this is per-feature / per-quarter strategic. Emits a test plan with test types per risk class, owner assignments, and effort estimates.
risk-based-test-selector
Action-taking agent that picks the subset of tests to run for a specific change set, weighted by the risk matrix - reads the PR's diff, intersects the changed files with risks in the matrix, scopes the test run to (a) tests covering high-risk areas + (b) tests covering changed files, and emits the test selection. Differs from `regression-suite-selector` (which uses coverage maps) - this uses risk weights from the matrix per `risk-matrix`.
risk-matrix-recommender
Read-only specialist that ingests an existing risk matrix (per `risk-matrix`) plus historical CI + defect data and recommends data-informed adjustments to risk scores - flags entries where observed defect density / failure rate / escape rate diverges from the matrix's likelihood × impact, suggests new entries for areas with high observed defect density that are not in the matrix, and reports every recommendation with the underlying data citation. Refuses to modify the matrix; the team reviews and applies. Distinct from `risk-based-test-selector` (deterministic test selection from a fixed matrix) and from `risk-based-test-planner` (strategic plan from a fixed matrix). Use as a quarterly / per-release calibration of the matrix against actual outcomes.
risk-storming-session-runner
Action-taking orchestrator that runs a three-amigos risk-storming session end to end - structured prompts drive collaborative risk identification across all six risk categories, silent-brainstorm phase captures individual risks before group convergence, scores each risk impact x likelihood, and emits a fully populated risk matrix per the `risk-matrix` artifact schema. Distinct from `risk-based-test-planner` (consumes a matrix to produce a test plan) and `risk-storming-facilitator` skill (facilitation pattern reference only). Use when a test lead or EM is running a feature-kickoff or pre-release risk session and needs a populated matrix as output.
test-case-quality-auditor
Adversarial reviewer for test **cases** (not test code) - reads a TestRail / Qase / Xray export (CSV / JSON / API) or a markdown matrix produced by `test-case-ideation-from-story` / `test-case-from-live-feature` and flags untestable assertions, vague preconditions, non-reproducible steps, missing equivalence-partitioning coverage, duplication across cases, imperative UI mechanics in declarative slots, and traceability gaps to source requirements. Distinct from `test-code-critic` and the four sibling agents in `qa-test-review` (which review test **code** files); this auditor operates on case matrices and tracker exports. Use as the gate between case authoring and execution / automation.