list-tests
Show failing Vanta compliance tests, prioritized by what can be fixed from this repository
What this skill does
Show the user their failing Vanta tests, ranked by what the plugin can help with.
## Steps
1. **Fetch failing tests.** Call `tests` to get all tests with status `NEEDS_ATTENTION`.
2. **Categorize and rank tests.** Group the failing tests into tiers:
**Ready to fix** — Tests where:
- The test's integration matches resources likely managed in this repo. Detect this by checking for deployment code: look for provider declarations (`provider "aws"` in `.tf` files for AWS, `provider "google"` for GCP, `provider "azurerm"` for Azure) **and** resource type prefixes (`aws_`, `google_`, `azurerm_`) in `.tf` files; or `AWSTemplateFormatVersion` in CloudFormation templates; or `cdk.json` for CDK projects. Use both signals — provider blocks are often absent in child modules or Terragrunt configs.
- Present these first. These are one-command fixes with `/vanta:fix-test <testId>`.
**Fixable with guidance** — Tests that are code-remediable but may not match this repo (different cloud provider, different integration). The user can still get remediation code, but may need to apply it elsewhere.
**Manual steps needed** — Tests that require configuration changes in external tools, Vanta settings, or manual processes. The plugin can provide guidance but not generate code.
3. **Present the results.** For each tier, show a table with columns:
- Test name
- Test ID
- Number of failing entities
- Integration (e.g., AWS, GitHub, Azure)
- How long the test has been failing (from `latestFlipDate`)
- For "Ready to fix" tests, show: `Run /vanta:fix-test <testId> to generate a PR`
4. **Highlight co-failure clusters.** If multiple failing tests map to the same resource type or integration, note this. For example: "5 IAM tests are failing — fixing the password policy may resolve all of them at once."
5. **Keep it scannable.** Use a table or bulleted list. Do not dump raw API responses. The user needs to quickly see what to fix first.
## Edge cases
- **No failing tests:** "All tests are passing. Nice work." Do not show an empty table.
- **User asks to filter (e.g., "show AWS tests"):** Filter by integration name. If no failures match the filter, say so and show the full list: "No failing AWS tests found. Here's what is failing across other integrations:"
- **User asks to filter by framework (e.g., "SOC 2 gaps"):** Filter by framework. "You have [N] failing tests mapped to SOC 2. Here are the ones I can help fix from this repo."
- **User asks "what should I fix first?":** Rank by impact: IaC-fixable in this repo first, then highest entity count, then longest time failing. Highlight co-failure clusters as "biggest bang for the buck."
- **Very large number of failing tests:** Group by integration and summarize counts rather than listing every test. Show the top 5-10 highest-impact items with a note: "[N] more tests failing. Want to see the full list or focus on [integration]?"
Related in General
modeling-omnistudio-epc-catalog
IncludedSalesforce Industries CME EPC product-modeling skill for Product2-based catalog creation. Use when creating EPC products, configuring product attributes, building offer bundles with Product Child Items, or reviewing EPC DataPack JSON metadata for product catalog changes. TRIGGER when: user creates or updates Product2 EPC records, AttributeAssignment payloads, AttributeMetadata/AttributeDefaultValues, Offer bundles, or ProductChildItem relationships. DO NOT TRIGGER when: designing OmniScripts/FlexCards/Integration Procedures (use building-omnistudio-omniscript, building-omnistudio-flexcard, or building-omnistudio-integration-procedure), implementing Apex business logic (use generating-apex), or troubleshooting deployment pipelines (use deploying-metadata).
relationship-science-coach
IncludedUse this skill for direct, practical adult relationship coaching: couples conflict, repair, trust, marriage, dating, flirting, attachment patterns, emotional connection, sex, desire differences, eroticism, kink negotiation, affection, love languages, breakups, and long-term passion. Draw on Gottman, EFT and Hold Me Tight, attachment science, modern sex research, Perel, Nagoski, Kerner, Schnarch, Love and Stosny, and flexible love-language tools. Be concrete and low-hedge. Redirect only for imminent danger, abuse, coercive control, minors, non-consent, self-harm, stalking, or medical/legal/psychiatric decisions.
building-sf-integrations
IncludedSalesforce integration architecture and runtime plumbing with 120-point scoring. Use this skill to set up Named Credentials, External Credentials, External Services, REST/SOAP callout patterns, Platform Events, and Change Data Capture. TRIGGER when: user sets up Named Credentials, External Services, REST/SOAP callouts, Platform Events, CDC, or touches .namedCredential-meta.xml files. DO NOT TRIGGER when: Connected App/OAuth config (use configuring-connected-apps), Apex-only logic (use generating-apex), or data import/export (use handling-sf-data).
venue-templates
IncludedAccess comprehensive LaTeX templates, formatting requirements, and submission guidelines for major scientific publication venues (Nature, Science, PLOS, IEEE, ACM), academic conferences (NeurIPS, ICML, CVPR, CHI), research posters, and grant proposals (NSF, NIH, DOE, DARPA). This skill should be used when preparing manuscripts for journal submission, conference papers, research posters, or grant proposals and need venue-specific formatting requirements and templates.
let-fate-decide
IncludedDraws the 12 Houses of the Zodiac Tarot spread to inject entropy into planning when prompts are vague, ambiguous, or casually delegated. Interprets the spread to guide next steps. Use when the user says 'let fate decide', 'YOLO', 'whatever', 'idk', or other nonchalant phrases, makes Yu-Gi-Oh references, or when you are about to arbitrarily pick between multiple reasonable approaches. Prefer over ask-questions-if-underspecified when the user's tone is casual or playful rather than precision-seeking.
net-ops
IncludedCross-platform network troubleshooting (Windows, macOS, Linux) via local or remote shell. Use for: DNS broken, can't resolve hostnames, nslookup/dig works but apps fail, NRPT, WFP, scutil, /etc/resolver, systemd-resolved, /etc/resolv.conf, NetworkManager, VPN DNS leak residue (ProtonVPN/Mullvad/WireGuard/AnyConnect), AV/firewall blocking DNS or DoH, Tailscale DNS interaction, intermittent connectivity, remote diagnostics over SSH.