Security & Testing Claudeスキル

Defense-in-Depth Validation

Implements multi-layered data validation and Shannon validation gates to eliminate bugs structurally across every system layer.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within your application code.

Dojo Code Review

Reviews Dojo engine smart contracts for security, gas efficiency, and ECS architecture best practices.

Bats Testing Patterns

Master the Bash Automated Testing System (Bats) to write robust unit and integration tests for shell scripts and utilities.

Security & Compliance Agent

Secures backend applications against OWASP threats and ensures regulatory compliance through automated scanning and robust authentication patterns.

Binary Reverse Engineering Toolkit

Decompiles and analyzes binary files to reconstruct source code, document protocols, and understand low-level logic.

Package Security Scanner

Audits Python and Node packages for malicious patterns and security vulnerabilities before they are installed in your environment.

Automated Security Auditing with Sigil

Scans repositories and directories for security threats and malicious patterns to ensure safe code execution and dependency management.

Sigil Quarantine Review

Audits and manages quarantined code items to ensure security compliance before integration into active development environments.

Root Cause Tracing & Debugging

Systematically traces execution errors back through the call stack to identify and fix original triggers rather than surface symptoms.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and test-driven development best practices.

Sigil Security Review

Manages and audits quarantined code items to ensure security before integration into the working directory.

Next.js Frontend Testing

Configures and implements unit, component, and end-to-end testing suites for modern Next.js applications using Vitest, React Testing Library, and Playwright.

Sigil Package Security Scanner

Protects development environments by auditing pip and npm packages for malicious patterns before installation.

Sigil Security File Scanner

Analyzes specific files for security vulnerabilities, malicious patterns, and credential exposure to ensure safe code execution and integration.

AI Data Poisoning Red Teaming

Tests AI training pipelines for data poisoning vulnerabilities and backdoor injection to ensure model integrity.

API Testing & Quality Assurance

Implements comprehensive API testing strategies including unit, integration, contract, and load testing patterns to ensure robust backend services.

Solidity Security

Hardens Ethereum smart contracts against vulnerabilities using industry-standard security patterns and gas optimization techniques.

AI QA Engineer & UI Automation

Performs intent-based UI automation testing with Playwright, featuring auto-healing for failed steps and deep UX/UI improvement analysis.

Playwright E2E Testing

Implements robust, maintainable end-to-end testing suites using Playwright, Page Object Models, and automated CI/CD workflows.

Exa Data Privacy & Compliance

Implements PII redaction, data retention policies, and GDPR/CCPA compliance patterns for Exa integrations.

AIDA Project Fixer

Automates the process of fixing full-stack projects to pass 19 comprehensive quality gates, including testing, coverage, and integration standards.

AIDA: Multi-Agent Project Generator

Generates complete, production-ready projects using multi-agent orchestration with strict TDD and quality gate enforcement.

Performance, Accessibility & Security

Optimizes React applications for speed, inclusive design, and security hardening using production-ready patterns.

Systematic Debugging

Eliminates software bugs by enforcing a rigorous, four-phase root cause analysis process before any code changes are made.

Sandbox Configuration

Manages Claude's sandboxing and isolation features for secure code execution and environment management.

Database Security Scanner

Automates vulnerability detection and security auditing for SQL and NoSQL databases to ensure compliance and data protection.

Test-Driven Development (TDD) Mastery

Enforces a strict Red-Green-Refactor workflow to ensure high code quality and reliable software delivery.

Command Permission Manager (cc-allow)

Manages fine-grained bash command permissions and security policies for Claude Code execution.

Lima Sandbox Testing

Runs Claude Code integration and end-to-end tests within isolated Lima virtual machine sandboxes.