Security & Testing Habilidades de Claude

Security Compliance & Scanning

Automates security audits, vulnerability scanning, and compliance validation for software development workflows.

Professional Code Reviewer

Performs in-depth code quality analysis and provides actionable, structured feedback to improve maintainability, security, and performance.

MoAI TRUST Enterprise Quality Framework

Enforces the TRUST 4 principles—Test First, Readable, Unified, and Secured—to ensure production-grade software quality and enterprise governance.

Bug Fix Plan Critic

Evaluates and scores proposed bug fix plans to ensure technical correctness, completeness, and risk mitigation.

Authentication Handler

Manages secure authentication, authorization, and user sessions using standardized API wrappers and frontend hooks.

Testing Strategy

Architects comprehensive testing frameworks and implementation patterns to ensure high-quality, resilient codebases.

Web App Testing with Playwright

Facilitates end-to-end testing and UI debugging of local web applications using native Playwright automation scripts.

Implementation Verifier

Ensures code implementations strictly adhere to PRD requirements by validating architectural boundaries and package dependencies.

Testing Coverage Standards

Implements and maintains rigorous testing coverage standards to ensure code reliability and quality throughout the development process.

Engineering Constraint Verification

Verifies business constraints and invariants by generating formal proofs or planning runtime validation checks.

Svelte Debugging & Optimization

Diagnoses and resolves Svelte reactivity issues, hydration mismatches, and state management errors using systematic debugging patterns.

Onvifscan Security Scanner

Audits ONVIF-enabled IP cameras and IoT devices for authentication vulnerabilities and weak credentials.

TDD Planning & Testing

Enforces a rigorous, phase-based Test-Driven Development workflow for bash script development using Vitest and automated logs.

Quality Gate Runner

Orchestrates comprehensive code quality checks including testing, linting, and type-checking with standardized reporting.

Systematic Debugging

Implements a rigorous, phase-based methodology to identify root causes and resolve technical issues without trial-and-error.

IoT UART Console (picocom)

Interacts with IoT device UART consoles for security auditing, hardware enumeration, and serial-based penetration testing.

MoonBit PBT Workflow Guide

Automates the implementation and optimization of Property-Based Testing in MoonBit projects using the QuickCheck framework.

Dependency Security Expert

Secures software supply chains by identifying vulnerabilities, implementing automated scanning, and enforcing dependency management best practices.

GitHub Security Fixer

Automates the identification, analysis, and remediation of GitHub CodeQL security alerts to maintain high code quality and security standards.

Team Authorization & RBAC

Manages team-based permissions and role-based access control to ensure consistent authorization across client-side actions and server-side functions.

TypeScript Any Eliminator

Refactors TypeScript codebases to replace 'any' types with robust, specific type definitions and strict interfaces.

Frontend Auth & JWT Patterns

Implements secure authentication flows using Better Auth and JWT token management for modern web applications.

RLS Audit & Multi-tenant Safety

Audits Row Level Security (RLS) configurations and ensures multi-tenant data isolation for secure server-side access.

Kubernetes Security Policies

Implements defense-in-depth Kubernetes security through network isolation, RBAC enforcement, and pod security standards.

Testing & TDD Quality Assurance

Implements high-quality testing strategies including TDD, the AAA pattern, and comprehensive test coverage targets for robust software development.

Vitest Safety Guard

Ensures Vitest test suites run reliably by preventing hung processes, enforcing timeouts, and managing system resources.

Perplexity Enterprise RBAC

Configures enterprise-grade single sign-on (SSO) and role-based access control for Perplexity integrations.

Systematic Debugging

Implements a rigorous, step-by-step methodology for isolating, fixing, and validating software bugs and test failures.

Test Fixing & Debugging

Systematically identifies and resolves failing tests using smart error grouping and prioritized fixing strategies.

TDD Discipline

Enforces a strict Red-Green-Refactor cycle by requiring a failing test before any production code is implemented.