Security & Testing Claudeスキル

.NET Test Triage

Automates .NET test failure analysis by capturing logs, generating markdown summaries, and creating focused rerun filters.

Attack Tree Construction

Builds systematic attack trees to visualize potential threat paths and identify critical security vulnerabilities.

UI Smoke & E2E Testing

Guides the execution of UI smoke tests and Playwright E2E suites to validate frontend changes and navigation flows.

Threat Mitigation Mapping

Maps identified security threats to specific technical controls and mitigations to strengthen system architecture and defense-in-depth.

WCAG Accessibility Audit Patterns

Performs comprehensive web accessibility audits and provides remediation strategies based on WCAG 2.2 standards.

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using modern frameworks like Jest and Vitest.

Authentication & Authorization Patterns

Implements secure, scalable access control systems using modern patterns like JWT, OAuth2, and RBAC.

Baseline Governance

Enforces quality standards and prevents software regressions by implementing a "ratchet" mechanism for core project metrics.

Security Scanner

Performs automated security audits, secret detection, and vulnerability scanning across codebases, containers, and infrastructure.

Financial Calculation Correctness & Excel Parity

Validates financial logic against Excel models to ensure numerical accuracy and parity across IRR, waterfalls, and complex cash flow computations.

Test Fixture Generator

Standardizes the creation of maintainable, type-safe test data through factories and golden datasets to ensure consistent testing environments.

SimpleCov Test Coverage Agent

Analyzes and improves Ruby and Rails test coverage using SimpleCov and automated quality metrics.

Cucumber & Gherkin BDD

Implements Behavior-Driven Development (BDD) using Gherkin syntax and Cucumber step definitions across multiple programming languages.

JavaScript Unit Testing Expert

Generates maintainable, reliable JavaScript and TypeScript unit tests using Jest and industry-standard patterns.

Solidity Security Patterns

Implements secure smart contract development patterns and audits Solidity code for common blockchain vulnerabilities.

Web3 Smart Contract Testing

Facilitates comprehensive smart contract testing using Hardhat and Foundry to ensure security and gas efficiency in blockchain applications.

Playwright Best Practices

Enhances Claude Code with expert guidance for writing reliable, maintainable, and accessible Playwright end-to-end tests.

SAST Security Configuration

Configures Static Application Security Testing (SAST) tools to automate vulnerability detection and enforce security policies across the software development lifecycle.

Verified Completion Guard

Enforces rigorous verification and evidence-based reporting before claiming task completion or submitting code changes.

Testing Strategy Assistant

Designs comprehensive QA strategies and systematic testing workflows to ensure high-quality, production-ready code.

Memory Forensics

Master memory acquisition and forensic analysis to investigate security incidents and analyze malware behavior from RAM captures.

Bats Testing Patterns

Provides comprehensive guidance and implementation patterns for the Bash Automated Testing System (Bats) to ensure robust shell script quality.

Dependency Upgrade & Framework Migration

Manages major software dependency upgrades through compatibility analysis, staged rollout strategies, and comprehensive validation testing.

Security Review & Vulnerability Analysis

Performs systematic security audits and vulnerability assessments based on OWASP guidelines to ensure robust application architecture.

GDPR Data Handling & Privacy Compliance

Implements GDPR-compliant data processing, consent management systems, and privacy-by-design controls for applications handling EU personal data.

Test-Driven Development (TDD)

Enforces a rigorous Red-Green-Refactor workflow to ensure all production code is verified by failing tests before implementation.

Security Attack Tree Builder

Generates systematic attack path visualizations and threat models to identify defense gaps and communicate security risks.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

STRIDE Threat Analysis Patterns

Identifies system vulnerabilities and security risks using the industry-standard STRIDE threat modeling methodology.

Temporal Python Testing

Implements robust testing strategies for Temporal workflows using pytest, time-skipping, and activity mocking.