Security & Testing Claudeスキル

Dependency Guardian

Manages project dependencies with automated security scanning, intelligent update orchestration, and license compliance audits.

Root Cause Tracing

Identifies the origin of deep-seated bugs by systematically tracing errors backward through the call stack to the original trigger point.

Systematic Debugging

Implements a disciplined, four-phase framework to identify root causes and eliminate bugs without trial-and-error thrashing.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers to streamline software verification.

SQL Injection Detector

Scans codebases to identify SQL injection vulnerabilities and provides actionable remediation guidance to secure database interactions.

Validator Role Skill

Ensures software quality and security through rigorous testing, coverage analysis, and automated code review workflows.

Security Incident Responder

Guides users through the complete security incident response lifecycle, from initial containment and investigation to remediation and post-mortem analysis.

HIPAA Compliance Checker

Scans codebases and infrastructure configurations to identify potential HIPAA compliance violations and security vulnerabilities.

Test Environment Manager

Orchestrates isolated test environments using Docker Compose and Testcontainers to ensure consistent and reproducible software testing.

Browser Compatibility Tester

Automates cross-browser testing across multiple platforms and devices to ensure consistent web application performance and visual fidelity.

Condition-Based Waiting

Eliminates flaky tests by replacing arbitrary delays with reliable condition-based polling logic.

Kubernetes Security Policies

Implement production-grade Kubernetes security using NetworkPolicies, Pod Security Standards, and RBAC.

ATDD Assistant

Guides teams through the Acceptance Test-Driven Development workflow by defining testable criteria and streamlining specification workshops.

Secret Scanner & Credential Guard

Scans codebases for exposed API keys, passwords, and sensitive credentials using pattern matching and entropy analysis to prevent security breaches.

Test Workflow Orchestrator

Orchestrates complex test execution graphs with dependency management and parallel processing to optimize CI/CD pipelines.

Web App Testing Suite

Automates web application testing and UI interactions using Playwright and automated server management.

Verification Guard

Enforces rigorous evidence-based reporting by requiring fresh verification results before any task is claimed as complete.

FFUF Web Fuzzing

Guides users through advanced web fuzzing and discovery using FFUF for comprehensive security testing and reconnaissance.

Defense-in-Depth Validation

Implements multi-layered data validation strategies to make software bugs structurally impossible by catching errors at every system layer.

GDPR & DSGVO Compliance Expert

Facilitates comprehensive EU GDPR and German DSGVO compliance through automated auditing, privacy impact assessments, and regulatory guidance.

QMS Audit Expert

Provides expert-level ISO 13485 quality management system auditing, including risk-based planning, nonconformity identification, and CAPA integration.

Access Control Security Auditor

Audits authentication and authorization implementations to identify security vulnerabilities, misconfigurations, and privilege escalation risks.

Database Security Scanner

Performs comprehensive security audits and vulnerability assessments for PostgreSQL and MySQL databases using OWASP guidelines.

OWASP Security Compliance Checker

Performs comprehensive security audits by scanning codebases for OWASP Top 10 vulnerabilities and providing actionable remediation guidance.

Compliance Report Generator

Automates the creation of comprehensive security compliance reports for standards like PCI DSS and HIPAA directly within the development workflow.

Security Pro Pack

Conducts comprehensive security audits, compliance checks, and vulnerability scans across codebases and cloud infrastructure.

Container Security Scanner

Scans container images and running environments for vulnerabilities using industry-standard security tools like Trivy and Snyk.

CORS Policy Validator

Analyzes Cross-Origin Resource Sharing configurations to identify security vulnerabilities and ensure compliant implementation.

E2E Test Framework

Executes comprehensive end-to-end tests to validate full user workflows across the entire application stack.

Secret Scanner

Scans codebases for exposed credentials, API keys, and sensitive secrets using pattern matching and entropy analysis.