Security & Testing Claudeスキル

Maven Build and Test Strategy

Orchestrates parallel Maven builds and intelligent test execution for complex Java and Scala projects.

Quality Gates

Implements multi-level quality verification procedures to ensure code security, performance, and production readiness.

Terraform Test Expert

Validates infrastructure-as-code configurations using the native Terraform testing framework and .tftest.hcl patterns.

Cloudflare Security Checker

Validates Cloudflare Workers security patterns in real-time to prevent vulnerabilities and enforce serverless best practices.

Auth Security Validator

Validates authentication and session management configurations against OWASP security standards to prevent common vulnerabilities.

ast-grep

Performs AST-based code search, linting, and structural refactoring across multiple programming languages.

TDD Workflow for Claude Code

Enforces a strict Red-Green-Refactor cycle for software development tasks using automated gate hooks and evidence tracking.

Theater Code Detection

Identifies non-functional code that appears complete but lacks operational logic to ensure production reliability.

Playwright E2E Testing

Enforces standardized end-to-end testing workflows using Playwright with custom fixtures and Page Object Models.

Web Application Testing

Automates local web application testing and UI verification using Playwright and server management utilities.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is verified by failing tests before implementation.

Python Testing Patterns

Implements professional Python testing strategies using pytest, advanced fixtures, and comprehensive mocking techniques.

RSpec Testing Patterns

Implements enterprise-grade RSpec testing patterns for robust Ruby on Rails application development.

Global Security

Guides AI-assisted coding to adhere to established global security standards and best practices.

Ark Chainsaw Testing

Executes and scaffolds end-to-end Ark resource tests using the Chainsaw framework and mock-LLM configurations.

Testify Go TDD Assistant

Implements Go unit tests and mocks using the Testify framework following Test-Driven Development best practices.

Framework Repair Suggester

Diagnoses framework and tooling malfunctions to propose structured, systematic repair strategies and task templates.

AST-Grep Code Search

Performs sophisticated structural code searches and architectural analysis using Abstract Syntax Tree patterns.

Web3 Smart Contract Testing

Develops and executes comprehensive test suites for Solidity smart contracts using Hardhat and Foundry frameworks.

Form Security Analyzer

Performs automated static security audits on HTML forms to identify vulnerabilities like missing CSRF protection and insecure data handling.

Code Clone Assistant

Identifies and refactors code duplication using a multi-tool approach to enforce DRY principles and reduce technical debt.

Playwright Security Runner

Automates dynamic security audits and penetration testing for web forms using browser-driven payload execution.

Kubernetes Security Policies

Implements production-grade Kubernetes security configurations including NetworkPolicies, Pod Security Standards, and RBAC to harden cluster environments.

Attack Methods Lookup

Provides detailed web vulnerability intelligence, exploit payloads, and bounty payout estimates for security auditing.

Python Testing Patterns

Implements professional testing strategies for Python applications using pytest, advanced mocking, and test-driven development best practices.

WCAG & ARIA Accessibility Lookup

Provides instant access to WCAG 2.1 AA criteria and WAI-ARIA implementation patterns with official W3C references.

E2E Testing Patterns

Master end-to-end testing with Playwright and Cypress to build reliable, bug-free web applications and automated test suites.

NVD CVE Vulnerability Search

Searches the NIST National Vulnerability Database to identify security vulnerabilities and assess risk scores for software components.

SAST Security Runner

Automates static application security testing using Semgrep to identify vulnerabilities, security anti-patterns, and OWASP Top 10 issues.

Auth Implementation Patterns

Implements secure authentication and authorization systems using modern patterns like JWT, OAuth2, and RBAC.