Security & Testing Claudeスキル

Running Performance Benchmarks

Executes comprehensive performance audits, load tests, and regression analysis for API endpoints to ensure system stability and optimization efficiency.

Testing Handbook Generator

Generates comprehensive security testing handbooks and strategy guides to streamline audit workflows.

Security Assistant

Secures software and infrastructure through automated vulnerability scanning, compliance enforcement, and comprehensive threat modeling.

Security Audit

Performs systematic security reviews of application code, dependencies, and configurations to identify vulnerabilities and suggest remediation strategies.

Secure Auth & Access Control Patterns

Implements secure authentication and authorization systems using JWT, OAuth2, and role-based access control (RBAC) patterns.

Security Patterns

Implements industry-standard security best practices for secret management, input validation, and secure coding patterns.

API Testing & Integration

Builds and manages comprehensive API test suites using modern Node.js and TypeScript frameworks like Jest and Vitest.

JavaScript Testing Patterns

Implements robust testing strategies for JavaScript and TypeScript applications using Jest, Vitest, and modern testing libraries.

Substitute Eraser

Scans codebases for placeholders, TODOs, and stubs to generate structured remediation plans for technical debt.

Tizen Static Security Analyzer

Detects memory leaks, buffer overflows, and coding vulnerabilities in Tizen C/C++ and JavaScript applications using specialized static analysis.

Substrate Vulnerability Scanner

Identifies seven critical security vulnerabilities in Substrate and Polkadot pallets during the development and auditing process.

Web3 Smart Contract Testing

Streamlines smart contract validation using Hardhat and Foundry to ensure secure, gas-efficient, and production-ready blockchain code.

Python Testing Patterns

Implements robust Python testing strategies using pytest, mocking, and test-driven development best practices.

Tizen Compliance Checker

Validates Tizen application compliance with official TCT standards across IoT, TV, and mobile profiles.

Solana Vulnerability Scanner

Scans Solana and Anchor programs for critical security vulnerabilities to ensure smart contract integrity.

Smack Policy Auditor

Audits SMACK policy files for label conflicts, correctness, and mandatory access control compliance in Tizen environments.

Smack Policy Generator

Generates SMACK mandatory access control policy files to ensure process isolation and secure resource access for Tizen applications.

Verification Before Completion

Enforces a strict evidence-first workflow by requiring fresh command output and verification before any task is marked as complete.

Vibesafe

Manages the Vibesafe toolchain to automate code generation from specifications while ensuring quality through drift detection and automated testing.

Claude Code Permission Manager

Configures granular tool permissions and security rules within Claude Code to protect sensitive files and manage access.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve the original trigger rather than just treating symptoms.

Scale Game Problem Solving

Exposes architectural weaknesses and fundamental truths by stress-testing software concepts at extreme scales.

Test-Driven Development Workflow

Guides the Red-Green-Refactor cycle to ensure high-quality, verified code through test-first development.

Project Production Auditor

Performs automated production-readiness audits to identify security risks, code quality issues, and infrastructure gaps in AI-generated projects.

Accessibility Auditor

Audits web and mobile applications for WCAG 2.2 AA compliance using automated tools, manual findings, and deep code analysis.

GitHub Copilot MCP Integration

Enables advanced codebase analysis and specialized AI development tools by bridging Claude with the GitHub Copilot CLI.

TON Smart Contract Vulnerability Scanner

Audits TON blockchain smart contracts written in FunC to identify critical security vulnerabilities and logic errors.

Semgrep Static Analysis

Performs high-speed static analysis and security scanning to identify vulnerabilities and enforce custom code patterns.

ESBMC Formal Verification

Verifies code correctness and detects complex bugs using SMT-based formal methods for C, C++, Python, and more.

Semgrep Rule Creator

Generates custom Semgrep rules to detect security vulnerabilities and logic bugs within source code.