Security & Testing Claudeスキル

Advanced Debugging Strategies

Employs systematic troubleshooting techniques and profiling tools to identify and resolve complex software defects and performance bottlenecks.

Systematic Debugging Strategies

Implements methodical troubleshooting techniques and root cause analysis to efficiently resolve complex software bugs across multiple tech stacks.

Cloud Secrets Management

Implements secure handling of credentials and sensitive data within CI/CD pipelines and cloud environments.

Stable Version Auditor

Audits and manages technical stack versions to ensure stability and security through LTS and EOL tracking.

OSS License Compliance

Automates Open Source Software (OSS) license auditing and compliance checks across multiple tech stacks to mitigate legal and commercial risks.

Test-Driven Development (TDD)

Enforces a disciplined Red-Green-Refactor workflow to ensure high-quality code through test-first implementation.

Systematic Debugging

Enforces a rigorous four-phase methodology to identify root causes and implement verified fixes for complex technical issues.

Web App Testing & Playwright Automation

Automates end-to-end testing and browser interactions for local web applications using Playwright and managed server lifecycles.

Test-Driven Development (TDD)

Enforces a rigorous Red-Green-Refactor workflow to ensure high-quality, verified production code through test-first implementation.

Strict Output Verification

Enforces an evidence-based workflow that requires running verification commands before claiming task completion or creating pull requests.

Systematic Debugging Agent

Enforces a rigorous four-phase protocol to identify root causes and implement verified fixes for complex technical issues.

Enhanced Dependency Analyzer

Analyzes and optimizes frontend project dependencies with detailed markdown reporting and automated cleanup scripts.

Bknd Permission Manager

Configures fine-grained role permissions and conditional access control policies for Bknd.io backend applications.

Integration & E2E Testing Pro

Optimizes software quality using ROI-driven design principles, behavior-first skeletons, and automated review criteria for integration and end-to-end tests.

Strict Verification Guard

Enforces rigorous, evidence-based validation gates and fresh test execution before any coding task is marked as complete.

Auth Implementation Patterns

Implements secure authentication and authorization systems including JWT, OAuth2, and RBAC using industry-standard security patterns.

Vulnerability Scanner

Audits application codebases for security vulnerabilities using OWASP 2025 principles and automated scanning methodologies.

Unit Test Loop

Automates the iterative cycle of identifying coverage gaps, writing focused unit tests, and maintaining code quality through integrated reviews.

IDOR Security Testing

Identifies and remediates Insecure Direct Object Reference (IDOR) vulnerabilities through systematic testing and exploitation methodologies.

SDD Root Cause Analysis & Troubleshooting

Resolves software bugs and system errors through a systematic root cause analysis framework aligned with project specifications.

Playwright Expert

Builds production-grade end-to-end testing infrastructure and resolves complex browser automation challenges.

Playwright Test Generator

Generates production-ready Playwright E2E tests from natural language specifications using TypeScript and industry best practices.

E2E Test Loop for Playwright

Automates the creation and execution of end-to-end browser tests using Playwright and the page object pattern.

TDD Workflow

Enforces strict Test-Driven Development discipline by mandating a Red-Green-Refactor cycle for all code changes.

Testing Principles & TDD

Implements language-agnostic testing standards, TDD workflows, and best practices to ensure high-quality, reliable codebases.

Review Workflow Design

Automates spec-based implementation reviews with visual verification and structured issue classification.

ERC-4337 Privacy Wallet Dev

Develops privacy-preserving ERC-4337 account abstraction wallets for sensitive data like vehicle identities and biometric information.

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

Eval Harness for Claude Code

Implements Eval-Driven Development (EDD) principles to systematically test, evaluate, and validate Claude's coding output through formal frameworks.

TypeScript Testing Runner

Executes and reports on TypeScript unit and integration tests using a dedicated subagent for enhanced reliability and safety.