Security & Testing Claudeスキル

Kubernetes Security Policies

Implements production-grade Kubernetes security policies including NetworkPolicy, RBAC, and Pod Security Standards to ensure cluster-wide defense-in-depth.

API Security Audit

Analyzes REST and RPC APIs for security vulnerabilities aligned with the OWASP API Security Top 10.

Systematic Debugging

Enforces a rigorous four-phase framework to identify root causes and eliminate guess-and-check thrashing during the software debugging process.

Fuzz Test Generation

Generates intelligent, context-aware fuzz test inputs and security test cases by analyzing application input parsers and data handlers.

JavaScript Testing Patterns

Implement robust testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

SSRF Security Audit

Analyzes source code to identify and mitigate Server-Side Request Forgery (SSRF) vulnerabilities and unauthorized internal network access.

MITRE ATT&CK Security Mapper

Enriches security findings by mapping vulnerabilities to the MITRE ATT&CK framework to visualize threat patterns and attack chains.

Ark Vulnerability Fixer

Streamlines CVE research and automates security patch workflows for the Ark agentic resource platform.

AppSec Project Assessment

Analyzes codebase architecture, tech stacks, and data sensitivity to recommend a prioritized security testing strategy.

Access Control Security Auditor

Analyzes source code to identify and remediate broken access control vulnerabilities including IDOR, CORS leaks, and privilege escalation.

Doc Detective Testing

Verifies documentation procedures by converting them into executable Doc Detective test specifications and validating them automatically.

Auth0 Authentication Patterns

Implements secure Auth0 authentication patterns, including machine-to-machine authorization, user management, and role-based access control.

Coverage Analysis Pro

Analyzes code coverage metrics and implements testing patterns to improve software quality and reliability.

Zero Script QA

Implements a scriptless testing methodology using structured JSON logging and real-time Docker monitoring for AI-driven verification.

AppSec Logging Auditor

Analyzes source code to identify security logging failures, sensitive data exposure in logs, and improper monitoring configurations.

Security Regression Detection

Prevents the reintroduction of security vulnerabilities by verifying historical fixes against current code changes.

Ark Chainsaw Testing

Executes and authors end-to-end tests for Ark agentic resources using the Chainsaw testing framework.

Data Integrity & Tampering Analysis

Identifies security vulnerabilities related to unauthorized data modification and injection attacks using the STRIDE threat model.

Skill Testing Framework

Automates the creation, execution, and validation of unit, integration, and regression tests to ensure skill reliability.

Auth0 Next.js Integration

Implements robust Auth0 authentication and authorization patterns for Next.js applications.

Skill Debugging Assistant

Diagnoses and resolves issues with Claude Code skills, including trigger failures, instruction conflicts, and structural validation errors.

Non-Repudiation Privacy Analyzer

Analyzes source code for privacy risks where excessive accountability and irrefutable logging compromise user plausible deniability.

Security Analysis & Vulnerability Scanner

Performs comprehensive security vulnerability scanning and ensures OWASP Top 10 compliance across your codebase.

Plaited Test Greeting

Provides a standardized greeting with test markers to verify Claude Code skill integration.

Skill Security Analyzer

Analyzes Claude skills for security risks, vulnerabilities, and safety concerns prior to deployment or execution.

QA Test Planner

Generates comprehensive test plans, manual test cases, and regression suites while validating implementation against Figma designs.

Scientific Python Testing

Implements robust, community-standard testing patterns for scientific Python packages using pytest and NumPy.

Konflux Build Provenance Tracer

Traces Konflux container images back to their source code, build logs, and SLSA attestations for complete supply chain visibility.

Hedera Hackathon Submission Validator

Evaluates Hedera hackathon projects against official judging criteria to provide weighted scores and actionable codebase improvements.

Workflow Testing with Subagents

Validates the clarity of orchestrator prompts and workflow documentation by simulating real-world execution failures with subagents.