Security & Testing Habilidades de Claude

Smack Policy Auditor

Audits SMACK policy files for label conflicts, correctness, and mandatory access control compliance in Tizen environments.

Cosmos Vulnerability Scanner

Scans Cosmos SDK blockchains and CosmWasm contracts to detect consensus-critical vulnerabilities and security flaws.

Requirement Clarification

Ensures implementation accuracy by prompting for clarification whenever task requirements are ambiguous or underspecified.

Tizen SMACK Label Orchestrator

Coordinates mandatory access control labels and process isolation for Tizen applications and kernel security.

CodeQL Static Analysis

Performs deep semantic code analysis to detect security vulnerabilities, track data flow, and conduct comprehensive security audits.

LibFuzzer Security Testing

Automates the discovery of software vulnerabilities using coverage-guided fuzzing patterns and security best practices.

Sharp Edges Security Auditor

Identifies error-prone API designs and dangerous configuration patterns to prevent security vulnerabilities and misuse.

Burp Suite Security Testing

Conducts professional-grade web application security audits and penetration testing using the Burp Suite ecosystem.

Cynara Policy Validator

Validates Cynara privilege access control policies to ensure secure and compliant Tizen application environments.

Spec-to-Code Compliance

Verifies that blockchain protocol implementations strictly adhere to their technical specifications and whitepapers during security audits.

Constant Time Analysis

Identifies timing side-channel vulnerabilities and non-constant-time operations in cryptographic implementations across multiple programming languages.

Theater Code Detection

Identifies non-functional code that appears complete but lacks operational logic to ensure production reliability.

Playwright E2E Testing

Enforces standardized end-to-end testing workflows using Playwright with custom fixtures and Page Object Models.

TDD Workflow for Claude Code

Enforces a strict Red-Green-Refactor cycle for software development tasks using automated gate hooks and evidence tracking.

Terraform Test Expert

Validates infrastructure-as-code configurations using the native Terraform testing framework and .tftest.hcl patterns.

Sandbox Security

Executes untrusted code and system commands in secure, isolated microVMs to protect the host environment.

Polar Integration Validator

Validates and secures Polar.sh billing integrations by checking webhooks, signatures, and environment configurations.

Test-Driven Development Workflow

Guides the Red-Green-Refactor cycle to ensure high-quality, verified code through test-first development.

Verification Before Completion

Enforces a strict evidence-first workflow by requiring fresh command output and verification before any task is marked as complete.

Reverse Engineering

Performs deep binary analysis, decompilation, and vulnerability research using Ghidra, IDA Pro, and radare2 integration.

Security Audit

Performs systematic security reviews of application code, dependencies, and configurations to identify vulnerabilities and suggest remediation strategies.

API Testing & Integration

Builds and manages comprehensive API test suites using modern Node.js and TypeScript frameworks like Jest and Vitest.

Advanced Testing Strategy

Optimizes software quality through comprehensive testing architectures, multi-layer coverage strategies, and resilient test design patterns.

Accessibility Auditor

Audits web and mobile applications for WCAG 2.2 AA compliance using automated tools, manual findings, and deep code analysis.

Verification & Quality Assurance

Ensures codebase reliability through automated truth scoring, quality verification, and instant git-based rollback systems.

Security Reviewer

Analyzes code for OWASP Top 10 vulnerabilities, secrets exposure, and insecure implementation patterns to ensure production-grade security.

Security Best Practices & Patterns

Implements production-grade security patterns and OWASP best practices for authentication, input validation, and data protection.

Testing Patterns

Implements standardized testing patterns for unit, integration, and E2E tests with built-in mocks for modern cloud services.

Rails TDD Workflow

Implements a disciplined Test-Driven Development cycle for Ruby on Rails applications using a structured Red-Green-Refactor framework.

Debugging Memory

Prevents redundant troubleshooting by integrating a persistent, searchable memory system for software bugs and resolutions.