fuzz-testinglisted

# Skill: fuzz-testing ## What I do I guide fuzzing strategy: use Go's built-in fuzz testing to discover edge cases, crashes, and unexpected behaviour by feeding random and mutated inputs to functions. Covers target selection, corpus management, and crash analysis. ## When to use me - Testing parsers, validators, or serialisation functions - Finding edge cases in string/data processing - Discovering panic-inducing inputs - Hardening public API surfaces - After fixing a bug (add crash input to corpus) ## Core principles 1. **Fuzz boundaries** - Focus on functions that parse, validate, or transform input 2. **Start with a seed corpus** - Provide known-good inputs as starting points 3. **Run long enough** - Short runs miss rare crashes (minimum 30 seconds) 4. **Fix crashes, add to corpus** - Every crash input becomes a regression test 5. **Fuzz one function at a time** - Isolated targets give clearer results ## Target selection ``` GOOD FUZZ TARGETS (high value) Parsers (JSON, YAML, custom formats) Validators (email, URL, date strings) Serialisation/deserialisation String manipulation functions Type conversion functions POOR FUZZ TARGETS (low value) Simple getters/setters Database queries (need infrastructure) UI rendering functions Functions with no error paths ``` ## Patterns & examples **Basic Go fuzz test:** ```go func FuzzParseDate(f *testing.F) { // Seed corpus with known inputs f.Add("2024-01-15") f.Add("2023-12-31") f.Add("")