Security & Testing Claudeスキル

Security Best Practices

Implements robust security patterns and mitigates common vulnerabilities using industry-standard protocols and OWASP guidelines.

Shared Development Patterns

Provides a centralized library of architectural patterns for testing, security, and API design to ensure consistency across AI-driven development.

Advanced Testing & Quality Engineering

Implements sophisticated testing strategies including E2E, mutation, and property-based testing to ensure production-grade software reliability.

Security Infrastructure

Hardens application infrastructure through security headers, encryption standards, and regulatory compliance enforcement.

Agent Testing with Subagents

Implements a strict Test-Driven Development (TDD) methodology for AI agents to ensure accurate, well-structured, and reliable outputs.

Test-Driven Development (TDD) Enforcer

Enforces the Red-Green-Refactor methodology with strict quality gates and mandatory code deletion for violations.

Multi-Agent Parallel Code Review

Dispatches specialized AI reviewers in parallel to provide comprehensive feedback on architecture, business logic, and security vulnerabilities.

Regulatory Template Mapping Gate 1

Maps regulatory template placeholders to backend data sources while enforcing strict naming conventions and audit-ready data lineage.

Performance Benchmark Specialist

Designs and executes rigorous performance benchmarks for shell-based tools using statistical analysis and automated validation.

Dockerfile Security & Best Practices

Automates Dockerfile security auditing and best practice validation using Hadolint and CIS Docker Benchmarks.

Jest React Testing

Implements comprehensive React component testing patterns using Jest and React Testing Library, covering configuration, mocking, and asynchronous interaction strategies.

Pytest Patterns

Implements robust Python testing suites using advanced pytest patterns for fixtures, mocking, and parametrization.

Pytest Advanced Support Testing

Implements advanced Python unit and integration testing patterns for complex backend support systems using the pytest framework.

Systematic Debugging

Enforces a disciplined, four-phase approach to identifying and resolving software bugs at their root cause.

Paper Test Code Auditor

Systematically traces code logic line-by-line with concrete values to identify bugs, edge cases, and AI hallucinations.

TDD Companion for Drupal

Enforces a strict Red-Green-Refactor workflow to ensure all code is covered by tests before implementation begins.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure code reliability and quality through test-first implementation.

Verification Before Completion

Enforces rigorous command-based verification and evidence collection before any task is marked as complete or successful.

Web Application Testing

Automates end-to-end testing and UI verification for local web applications using Playwright and automated server management.

Code Quality Audit

Performs comprehensive code quality and security audits for Drupal and Next.js projects using industry-standard tooling and automated workflows.

Deno Sandbox

Executes untrusted or AI-generated code within secure, isolated Firecracker microVMs using the @deno/sandbox SDK.

OAuth2 Authentication

Implements secure authentication and authorization systems using OAuth2 and OpenID Connect protocols with industry-standard security patterns.

Nuclei DAST Security Scanner

Performs automated web application and infrastructure vulnerability scanning using community-driven template-based detection patterns.

Fix Code Vulnerability

Identifies, analyzes, and remediates security vulnerabilities by following a systematic workflow for testing, data flow tracing, and defensive implementation.

Strict Verification Before Completion

Enforces a rigorous verification workflow requiring empirical evidence before any task is marked as complete or successful.

FFUF Web Fuzzing Expert

Optimizes web fuzzing and security reconnaissance using FFUF for directory discovery and authenticated API testing.

Git Repository Sanitization

Identifies and replaces sensitive credentials, API keys, and tokens within git repositories to ensure secure codebase sharing and auditing.

Headless Terminal

Implements programmatic terminal interfaces to control interactive shell sessions and automate command-line program interactions.

Path Tracing Reverse Engineering

Reconstructs source code from compiled binaries with a focus on achieving byte-for-byte identical output and exact functional parity.

Git Repository Sanitization

Identifies and removes sensitive credentials, API keys, and private tokens from git repositories and version control history.