Test Case Generation

Test Case Generation

Generate comprehensive test cases covering happy paths, edge cases, boundary conditions, and security scenarios. Apply AI-generated edge case discovery to find scenarios the development team may not have considered.

Overview

Test cases are the executable specification of system behaviour. This skill generates test cases that are specific, independent, and verifiable — not generic or overlapping.

Test Case Generation Process

Step 1: Identify Test Targets

From the story or requirement, identify:

• Functions/methods to unit test
• API endpoints to integration test
• User flows to E2E test
• Security surfaces to test (auth boundaries, input fields, file uploads)

Step 2: Generate Test Cases by Type

Happy Path (Must have)

The expected successful flow. At least one test case per acceptance criterion.

Boundary Conditions (Must have)

For numeric inputs: test minimum, minimum-1, maximum, maximum+1, and zero. For string inputs: test empty string, single character, maximum length, maximum+1 length. For collections: test empty, single item, maximum items.

Negative Cases (Must have)

• Missing required fields
• Wrong data types
• Invalid formats (malformed email, invalid UUID, past date)
• Unauthorised access attempts

AI-Generated Edge Cases (Recommended)

Systematically consider:

• Concurrent operations: what if two users do this simultaneously?
• Race conditions: what if a dependency fails mid-operation?
• Large payloads: what if the input is much larger than expected?
• Unicode and special characters: emoji, RTL text, null bytes, SQL metacharacters
• Timezone edge cases: DST transitions, midnight, leap day
• Cascade effects: does this action trigger other actions that could conflict?

Security Test Cases

• Injection: ' OR 1=1; -- in string fields
• XSS: <script>alert(1)</script> in text fields
• IDOR: access another user's resource by guessing ID
• Auth bypass: access protected endpoint without token

Step 3: Test Case Format

# TC-[N]: [Short descriptive title]

**Type**: Unit | Integration | E2E | Security | Performance
**Priority**: P0 (critical) | P1 (high) | P2 (medium) | P3 (low)
**Story**: STORY-[N]

## Preconditions
[State that must be true before this test runs]

## Steps
1. [Action]
2. [Action]
3. [Expected result]

## Expected Result
[Specific, verifiable outcome]

## Test Data
[Specific values to use]

## Notes
[Any special considerations]

Step 4: Test Case Table (Summary View)

TC-ID	Title	Type	Priority	Story	Automated
TC-001	Valid login with correct credentials	E2E	P0	STORY-5	Yes
TC-002	Login with wrong password returns 401	Integration	P0	STORY-5	Yes
TC-003	Login with SQL injection in username	Security	P0	STORY-5	Yes

Property-Based Test Suggestions

For complex business logic, suggest property-based tests:

• "For any valid order, the total price must equal the sum of line item prices"
• "For any user with role Admin, all admin endpoints must return 200"
• "For any input that passes validation, processing must complete within 500ms"

Additional Resources

• references/edge-case-patterns.md — Domain-specific edge case patterns