Security & Testing Habilidades de Claude

Verification Before Completion

Enforces rigorous evidence-based validation before any task completion claims, commits, or pull requests.

Frontend Component Testing

Automates the generation of comprehensive unit, snapshot, and interaction tests for React and Vue components using React Testing Library.

Backend Test Generator

Automates the creation of comprehensive backend unit and integration tests with mocks and fixtures.

OWASP Top 10 Security Auditor

Audit and secure codebases against the most critical web application security risks using industry-standard mitigation patterns.

Preflight Code Quality Checker

Automatically discovers and executes comprehensive code quality checks including linting, type checking, security audits, and testing across multiple programming ecosystems.

Security Audit & OWASP Compliance

Performs deep security analysis of codebases to identify vulnerabilities, OWASP Top 10 risks, and insecure architectural patterns.

Condition-Based Waiting

Eliminates flaky tests and race conditions by replacing arbitrary timeouts with smart, deterministic condition polling.

PRD Validator & Quality Check

Validates product requirement documents against structural standards and historical project lessons to ensure high-quality coding stories.

Subagent Skill Testing

Validates and stress-tests AI skill documentation using a TDD-inspired Red-Green-Refactor cycle to ensure agent compliance under pressure.

Defense-in-Depth Validation

Ensures application reliability by implementing multi-layered validation patterns that make structural bugs and data corruption impossible to reproduce.

Systematic Debugging

Enforces a rigorous, four-phase debugging methodology to identify root causes and ensure reliable software fixes without guesswork.

Testing Anti-Patterns

Enforces high-quality testing standards by identifying and preventing common pitfalls like mock-testing and production code pollution.

Accessibility Auditor

Conducts comprehensive WCAG compliance audits and identifies inclusive design barriers across codebases and live URLs.

Test Standards Enforcer

Enforces modern testing best practices and quality gates by validating patterns, naming, and coverage thresholds.

Test Data Management

Simplifies the creation and maintenance of robust test datasets through factories, fixtures, and automated seeding strategies.

Test Execution & Analysis

Executes comprehensive test suites across backend and frontend environments with automated failure analysis and coverage reporting.

Unit Testing Patterns

Implements robust unit testing patterns and best practices for TypeScript and Python using the AAA pattern and optimized fixtures.

Web Dependency Security Scanner

Scans deployed websites to identify outdated frontend libraries, CMS vulnerabilities, and missing security headers without requiring source code access.

AI Defense-in-Depth

Implements a robust 8-layer security architecture to harden AI pipelines and protect LLM integrations from end-to-end.

Security Scanning

Automates vulnerability detection for dependencies, source code, and containers using industry-standard security tools.

Modern Authentication Patterns

Implements production-ready authentication and authorization workflows using modern security standards like OAuth 2.1, Passkeys, and Argon2id.

Webapp Testing & Playwright Automation

Automates end-to-end web testing using Playwright's autonomous agents for planning, generating, and self-healing tests.

MSW API Mocking

Intercepts and mocks network requests using Mock Service Worker 2.x to create deterministic frontend tests for REST, GraphQL, and WebSockets.

Input Validation & Sanitization

Implements secure input validation and sanitization patterns using Zod and Pydantic to prevent injection attacks and ensure data integrity.

Community Escalation Framework

Standardizes community incident management through tiered response protocols, stakeholder mapping, and cross-functional coordination.

Integration Testing Patterns

Implements robust integration testing patterns for APIs, databases, and complex component interactions across modern tech stacks.

Evidence Verification

Verifies development tasks and code changes by collecting verifiable proof including test results, build outputs, and exit codes.

LLM Safety Patterns

Implements production-grade security patterns for LLM integrations to defend against prompt injection and prevent hallucinations.

VCR.py HTTP Recording

Records and replays HTTP interactions for Python tests to create deterministic, network-independent, and cost-effective test environments.

AI & LLM Testing Patterns

Implements deterministic testing patterns for AI applications using DeepEval, RAGAS, and advanced mocking strategies.