Security & Testing Habilidades de Claude

Plan Validation & Scoring

Validates AI-generated development plans through adversarial challenges and quantitative confidence scoring to ensure production readiness.

Compliance Report Generator

Automates the creation of professional security compliance reports and regulatory documentation for major industry standards.

Access Control Auditor

Audits and identifies vulnerabilities in access control configurations, IAM policies, and network permissions to ensure security compliance.

Design-by-Contract Developer

Implements formal contract verification using preconditions, postconditions, and invariants across multiple programming languages to ensure code reliability.

Infrastructure Compliance Checker

Automates infrastructure security audits against industry standards including SOC2, HIPAA, and PCI-DSS to identify and remediate configuration gaps.

Temporal Python Testing

Automates and guides the testing of Temporal workflows in Python using pytest, time-skipping, and determinism validation.

Secrets Management

Implements secure secrets handling for CI/CD pipelines using Vault, AWS Secrets Manager, and cloud-native solutions.

Contract Test Validator

Ensures API reliability by generating and validating consumer-driven contract tests using Pact and OpenAPI specifications.

Temporal Python Testing

Streamlines the testing of Temporal workflows and activities using pytest, time-skipping, and determinism validation.

API Test Automation

Automates the creation and execution of comprehensive test suites for REST and GraphQL APIs to ensure contract compliance and functional reliability.

Surgical Bugfix

Resolves software defects using a minimalist, reductive approach that prioritizes code deletion and surgical precision.

Bug Hunt

Performs deep, multi-layered codebase audits using parallel specialized agents to identify bugs, security vulnerabilities, and performance bottlenecks.

React Testing Patterns

Implements comprehensive testing strategies using Vitest, React Testing Library, and Playwright for modern React applications.

PCI DSS Compliance Validator

Validates codebases and infrastructure configurations against Payment Card Industry Data Security Standard (PCI DSS) requirements to ensure secure cardholder data handling.

Container Security Scanner

Scans Docker images and running containers for vulnerabilities using industry-standard tools like Trivy and Snyk.

API Fuzz Testing & Security

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, input validation failures, and edge-case crashes.

Container Security Scanner

Scans Docker images and running containers for vulnerabilities using industry-standard tools like Trivy and Snyk to ensure secure deployments.

Security Misconfiguration Finder

Identifies and remediates security vulnerabilities across infrastructure-as-code, application configurations, and system settings.

Web Application Testing

Automates and validates local web applications using Playwright scripts with built-in server lifecycle management.

Security Test Scanner

Automates comprehensive security vulnerability testing and penetration scanning for applications and APIs.

CORS Policy Validator

Analyzes and validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure policy correctness.

Integration Test Runner

Orchestrates and executes comprehensive integration test suites with automated environment setup and teardown.

Test Report Generator

Generates comprehensive, multi-format test reports with code coverage metrics and historical trend analysis.

PCI DSS Compliance Validator

Assesses codebases and infrastructure configurations for compliance with Payment Card Industry Data Security Standards to identify vulnerabilities.

Security Drift Detection

Monitors and reports architectural changes to identify security drift and new potential risks in your threat model.

Plugin Validator

Ensures Claude Code plugins meet structural, security, and marketplace standards through automated validation and auto-fixing.

API Security Fuzzer

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, crashes, and input validation failures using malformed payloads.

Plugin Auditor

Audits Claude Code plugins for security vulnerabilities, repository compliance, and code quality standards.

FFUF Web Fuzzing Expert

Optimizes web fuzzing workflows using FFUF for high-speed content discovery and vulnerability identification during security audits.

OWASP Security Compliance Checker

Audits codebases for security vulnerabilities against the OWASP Top 10 standard to ensure robust application protection and compliance.