Security & Testing Claudeスキル

Security Audit

Conducts comprehensive codebase security reviews to identify OWASP vulnerabilities, exposed secrets, and dependency risks.

Systematic Debugging

Enforces a rigorous, four-phase debugging methodology to identify root causes and implement stable fixes without guesswork.

Rigorous Verification Guard

Enforces a strict evidence-based workflow requiring successful command execution and output validation before any task is marked as complete.

Council Verification & Multi-Model Validation

Verifies code implementation and document accuracy using multi-model consensus to ensure high-quality, machine-actionable results.

TypeScript Testing Pro

Implements professional TypeScript testing patterns using Jest and Vitest to ensure high-quality, reliable code.

Python Testing Specialist

Implements comprehensive Python testing strategies using pytest, including unit tests, integration tests, and advanced mocking patterns.

Security Ownership Map & Git Risk Analyzer

Analyzes Git history to map code ownership, identify security risks like low bus factors, and visualize developer-to-file topologies.

Cross-Distro E2E Container Testing

Automates end-to-end installer testing within isolated Docker containers across multiple Linux distributions like Ubuntu, Debian, and Fedora.

Test-Driven Development (TDD)

Enforces a strict test-first development workflow by requiring failing tests before any production code is written.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specifications, tasks, and design documents before archiving changes.

Fractary Artifact Validator

Automates the validation of Claude agents, skills, and commands against standardized architectural and formatting requirements.

QA Screenshot Management

Standardizes screenshot capture, naming, and organization to ensure visual traceability and consistency during QA testing.

OAuth Implementation

Implements secure OAuth 2.0 and OpenID Connect authentication flows using standardized industry patterns and security best practices.

QA Test Management

Manages the end-to-end QA test lifecycle with automated naming conventions, directory structures, and traceability to requirements.

RAG/CAG Security Patterns

Secures retrieval-augmented and cache-augmented generation systems through multi-tenant isolation, document-level access control, and prompt injection prevention.

TDD Methodology

Implements a rigorous test-driven development workflow with spec traceability and multi-tier testing patterns.

QA Screenshot Validation

Validates UI screenshots for layout integrity, element clipping, and rendering issues with intelligent viewport handling.

Vibesafe Code Generation & Testing

Manages the Vibesafe toolchain to scan units, generate implementations from specifications, and run quality tests within Claude Code.

Adaptive Code Reviewer

Performs multi-layered code quality checks and security scans with adaptive effort scaling to ensure production-ready commits.

Data Quality & Testing

Ensures data integrity and software reliability through robust testing frameworks, schema validation, and automated quality assurance patterns.

Angular Testing & Deployment

Streamlines Angular application quality assurance through comprehensive unit testing, Cypress E2E automation, and production-ready deployment workflows.

GitHub Speckit Tester

Orchestrates the complete Speckit workflow pipeline non-interactively using subagents to automate the transition from specification to implementation.

Security Hint

Identifies potential security vulnerabilities and secret exposures in real-time to promote safer development practices.

Rails TDD Workflow

Implements a disciplined Test-Driven Development cycle for Ruby on Rails applications using a structured Red-Green-Refactor framework.

Testing Patterns

Implements standardized testing patterns for unit, integration, and E2E tests with built-in mocks for modern cloud services.

Security Reviewer

Analyzes code for OWASP Top 10 vulnerabilities, secrets exposure, and insecure implementation patterns to ensure production-grade security.

Security Best Practices & Patterns

Implements production-grade security patterns and OWASP best practices for authentication, input validation, and data protection.

OWASP Security Reviewer

Performs automated security audits and OWASP Top 10 compliance checks on pull requests, commits, or entire codebases.

Systematic Bug Fixer

Resolves software defects through automated test-driven reproduction, root cause analysis, and rigorous regression verification.

Team Review

Orchestrates a multi-agent team of specialized AI reviewers to perform comprehensive security, architectural, and performance code reviews.