The catalog

All 64 commands

Every /qa:* command, grouped by ISTQB activity. Click any command for its dedicated page — what it does, how it works, the theory behind it, and a worked example.

64 / 64

Test planning & management 13

/qa:qa-initInterview you and generate the per-project qa.config.yml — the single file every other /qa command reads.open → /qa:test-policyAuthor the Organizational Test Policy — the highest-level statement of why the org tests and what quality means, above any single project.open → /qa:create-strategyGenerate or refresh the program-wide Test Strategy from qa.config.yml — levels, types, techniques, automation, environments, entry/exit criteria.open → /qa:create-planBuild a release- or sprint-scoped Test Plan from the config plus a release name and feature list — scope, approach, entry/exit criteria, schedule, risks.open → /qa:risk-assessmentScore product and project risks (likelihood × impact), assign a tier, and derive the per-tier test response — risk-based testing.open → /qa:estimateEstimate testing effort for a release, feature, or backlog using both metrics-based and expert-based ISTQB techniques, expressed as a range.open → /qa:tool-selectEvaluate and select a testing tool with the ISTQB process — category, weighted criteria matrix, benefits/risks, pilot — as an ROI decision record.open → /qa:process-improvementAssess test-process maturity and recommend prioritized improvements using an ISTQB 'Improving the Test Process' / IDEAL lens — advisory only.open → /qa:quality-reportProduce a cross-release quality KPI dashboard / executive report — trends for escaped defects, coverage, pass rate, MTTR, automation %, flaky rate.open → /qa:team-planPlan QA team capacity and skills — staffing vs backlog, a skills matrix, gaps, key-person risk, and a training/onboarding plan.open → /qa:go-no-goRun a formal release go/no-go review — consolidate every quality signal into a documented ship/hold decision with conditions, residual risk, and sign-off.open → /qa:cost-of-qualityAnalyze Cost of Quality and automation ROI — prevention/appraisal/failure costs, cost of poor quality, and payback — to justify the QA budget.open → /qa:audit-prepAssemble an audit-readiness evidence pack — documentation completeness, traceability sample-checks, standards conformance, and a severity-ordered gap list.open →

Static testing, analysis & design 10

/qa:static-reviewReview a story, spec or API spec for testability and defects before any tests are written — shift-left review findings; source-code analysis is routed to static-analysis.open → /qa:test-casesDerive concrete test cases from a requirement, story, endpoint or file using ISTQB design techniques — a Test Case Specification with negative and boundary coverage, not just happy path.open → /qa:test-designDerive test conditions then cases across the full technique set (EP, BVA, decision table, state transition, ATDD) for a feature — broader design context than single-item test-cases.open → /qa:combinatorialCover a many-parameter feature with pairwise, classification-tree or orthogonal-array cases — strong interaction coverage with far fewer tests than exhaustive.open → /qa:acceptanceAuthor agreed, testable acceptance criteria and Given/When/Then scenarios collaboratively before development — the story's definition of done, with each criterion traced to a scenario.open → /qa:mbtModel a stateful flow as a state machine and derive cases to a stated coverage criterion (all-states / all-transitions / 0-switch) — provable completeness instead of ad-hoc cases.open → /qa:exploratoryPlan time-boxed, risk-driven charters with heuristics and oracles plus a reusable session sheet — experience-based testing that complements, never replaces, scripted coverage.open → /qa:static-analysisAnalyze source without running it — complexity, control-/data-flow, coding-standard and maintainability metrics — and report defect-prone units early; writes only the report, never the code.open → /qa:automation-auditScore an inherited automation suite end-to-end — gTAA architecture, SOLID & clean code, test-design quality, anti-patterns, pyramid, CI — into a maturity scorecard with prioritized, routed fixes. Read-only.open → /qa:review-coverageAudit coverage gaps against strategy and risk, verify the bidirectional traceability chain in both directions, and rank the highest-value missing tests. Read-only.open →

Test execution — functional & non-functional 14

/qa:perf-testScript (and optionally run) a K6 load/stress/spike/soak test with pass/fail thresholds from config gates.open → /qa:a11y-auditScaffold or run automated accessibility (axe) checks against the configured WCAG target, then write the execution log.open → /qa:usability-testEvaluate UX with ISTQB usability methods, heuristics, and ISO/IEC 25010 sub-characteristics — distinct from accessibility.open → /qa:nonfunctionalDesign and (where automatable) run reliability/compatibility/portability/maintainability tests against measurable ISO/IEC 25010 criteria.open → /qa:security-scanWire or run the automated security baseline — SAST, SCA, DAST, secrets — gated by config toggles, OWASP-aligned.open → /qa:contract-syncGenerate/verify consumer and provider Pact contracts and run a can-i-deploy gate across the web/API boundary.open → /qa:mobile-testTest responsive mobile-web behavior using CT-MAT concerns — viewports, touch, network, device matrix.open → /qa:ai-testTest AI/ML components using CT-AI methods — data quality, model metrics, bias/fairness, robustness, explainability, drift.open → /qa:regressionSelect, prioritize, and optimize the regression set via impact analysis; keep the suite lean.open → /qa:ciPull the whole failing build (any CI), bucket every failure, fix the fixable causes, harden to green ×3, and escalate real defects.open → /qa:fix-ciDiagnose one failing CI pipeline or test run, classify the root cause, and apply a safe fix without masking product defects.open → /qa:fix-jenkinsPull the latest Jenkins build's failed cases, fix each by root cause, and re-run only those locally until green.open → /qa:flaky-huntFind flaky/non-deterministic tests, quarantine against an SLA, fix the root cause (not blind retries), and report.open → /qa:self-healRepair broken locators after UI changes, prune/refactor obsolete tests, and re-run to confirm — heals how we locate, never what we verify.open →