Plugin
non-functional-test-planning
Performance + security test plan. Perf: types (load/stress/soak/spike/scalability/volume/capacity), workload modeling from analytics, SLO-aligned thresholds, baseline + trend, tools (k6/Gatling/Locust/JMeter), isolated prod-like env, chaos. Sec: SAST + SCA + secret + container + IaC in CI; DAST nightly; IAST + fuzzing + pentest + red team; AuthN/Z tests; threat-model coverage check; vuln SLAs by severity; bug bounty; compliance-aligned (SOC2/PCI/HIPAA/GDPR/ISO27001). Not a certified audit.