Security & Testing Claudeスキル

PopKit Security Assessment

Automates security audits for Claude Code plugins using vulnerability patterns, secret scanning, and OWASP-aligned checklists.

Vitest v4 Testing Suite

Provides comprehensive Vitest v4 guidance for TypeScript and React/Next.js projects to help users write, debug, and maintain high-quality tests.

Scientific Python Testing

Implements robust testing for scientific Python packages using pytest best practices and community-standard guidelines.

Bulloak BTT Architect

Generates structured Bulloak tree specifications and Solidity test scaffolds using the Branching Tree Technique.

SDK Testing Setup

Configures automated contract testing, Arazzo workflows, and integration tests for Speakeasy-generated SDKs.

Test-Driven Development (TDD) Mastery

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, bug-free production code through test-first development.

Security Architecture Navigator

Routes users to specialized security architecture skills including threat modeling, compliance mapping, and secure design patterns.

Property Testing with fast-check

Implements property-based testing to validate complex business logic invariants across all possible input ranges.

CW-Validate Implementation Validator

Validates software implementations against structured specifications using six mandatory quality gates and automated proof verification.

Test Coverage & Quality Analysis

Automates test execution, coverage reporting, and TDD validation to maintain high code quality across multiple programming languages.

DLC Security Scan

Performs automated security audits including dependency checks, SAST analysis, and secret detection with integrated GitHub issue reporting.

Pop Sandbox Manager

Provides secure, ephemeral E2B sandboxes for isolated code execution and multi-agent swarm orchestration within Claude Code.

Dev Life Cycle Quality Gates

Automates comprehensive software development quality gates including security scans, code audits, performance analysis, and PR management.

System Architect

Evaluates architectural quality, catalogs technical debt, and generates risk-based improvement roadmaps for legacy and complex codebases.

Writing Good Tests

Implements a robust testing philosophy focused on integration patterns, condition-based waiting, and strategic mocking.

Patch Engineer

Evaluates and improves security patches with senior-level expertise in vulnerability remediation, secure coding patterns, and regression prevention.

Security Custom Rules

Empowers developers to design, validate, and implement tailored security linting rules using Semgrep and Bandit syntax.

Claude Plugin Validator & Auditor

Ensures Claude Code plugins meet quality standards by validating metadata frontmatter and auditing scripts for silent execution failures.

Defense-in-Depth Validation

Implements multi-layered data validation strategies to prevent deep-execution bugs and ensure structural system reliability.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality code through mandatory failing tests before implementation.

Codex CLI Automation & Testing

Integrates the Codex CLI with Claude Code to automate testing, debugging, and complex code analysis using gpt-5-codex.

Systematic Debugging Framework

Implements a rigorous four-phase methodology to identify root causes and ensure reliable software fixes before implementation.

Verification Before Completion

Enforces rigorous evidence-based reporting by requiring fresh verification command output before any task is marked as finished.

Invalid Name Test Fixture

Provides a malformed skill configuration to test naming convention validation and linting logic within Claude Code.

Valid Skill Test Fixture

Provides a standardized skill template used for validating and testing Claude Code plugin integrations.

Skill Testing with Subagents

Verifies Claude skills and process documentation using a Red-Green-Refactor cycle to ensure compliance under pressure.

Doppler Secrets Management

Streamlines secrets management and environment variable injection using the Doppler CLI for secure, scalable application development.

Verification Loop

Automates a multi-phase quality assurance pipeline to ensure code integrity, type safety, and security before deployment.

Security Analyst

Performs expert-level security audits, vulnerability assessments, and compliance mapping using industry standards like OWASP and CVSS v3.1.

Neovim Config Auditor

Audits and optimizes Neovim configurations by detecting deprecated APIs, validating best practices, and performing health checks.