Security & Testing Claudeスキル

Python Quality Audit

Performs a read-only gap analysis of Python projects by evaluating them against a 9-dimension quality methodology and CI/CD best practices.

Spring Boot Security

Implements industry-standard security patterns and vulnerability mitigations for Java Spring Boot applications.

Security Hint

Identifies potential security vulnerabilities and secret exposures in real-time to promote safer development practices.

Svelte Testing

Facilitates the creation and debugging of Svelte 5 tests using vitest-browser-svelte and Playwright.

Quality Gates

Implements multi-level quality verification procedures to ensure code security, performance, and production readiness.

Parallel Review Plan

Conducts independent, multi-vendor architectural and security reviews of technical plans to ensure robust implementation.

.NET Roslyn Code Analyzers

Integrates real-time Roslyn diagnostics and automated quality gates into the .NET development workflow to ensure code quality and consistency.

Incident Response Commander

Manages IT outages and security incidents using structured workflows for triage, containment, and blameless post-mortem analysis.

Incident Response Commander

Guides technical teams through IT outages and security incidents using structured SRE and SecOps workflows.

Enterprise TDD Workflow

Enforces strict test-driven development cycles with 80%+ coverage across TypeScript and Kotlin ecosystems.

Systematic Bug Fixer

Resolves software defects through automated test-driven reproduction, root cause analysis, and rigorous regression verification.

.NET xUnit v3 Testing

Guides the implementation of robust unit and integration tests using the xUnit v3 framework for .NET 8.0+ projects.

OWASP Security Reviewer

Performs automated security audits and OWASP Top 10 compliance checks on pull requests, commits, or entire codebases.

Repo Health Audit

Audits Git repositories for security vulnerabilities, large files, and maintenance issues to ensure clean and secure codebases.

GitHub Workflow Security Patterns

Implements secure, production-grade GitHub Actions workflows using canonical security patterns and CodeQL best practices.

Security Implementation Guide

Implements production-ready security patterns for web applications, covering authentication, input validation, and vulnerability prevention.

OAuth Flow Architect

Implements secure OAuth 2.0 and OpenID Connect (OIDC) authentication flows with robust token management and security best practices.

Security Threat Modeler

Performs systematic security threat modeling using the STRIDE framework to identify architectural vulnerabilities and provide mitigation strategies.

Security Implementation Guide

Implements production-ready security patterns for authentication, authorization, and common vulnerability prevention.

SpecStory Guard

Secures your SpecStory history by automatically scanning for and blocking the commit of sensitive credentials and API keys.

OAuth Flow Architect

Implements secure OAuth 2.0 and OpenID Connect (OIDC) authentication flows with PKCE, token management, and identity validation.

OAuth Flow Architect

Implements secure OAuth 2.0 and OpenID Connect authentication flows with standardized token management and provider integrations.

Security Implementation Guide

Implements production-ready security patterns for authentication, authorization, and vulnerability prevention in web applications.

Testing Patterns

Implements comprehensive testing strategies across the full stack using modern frameworks and best practices.

Testing Patterns & Best Practices

Implements comprehensive testing strategies across the full stack using modern frameworks like Vitest, Playwright, and React Testing Library.

TestSpec Deep Requirements Analysis

Performs deep testing analysis and requirements grooming to identify hidden risks, logic gaps, and missing information.

Testing Patterns & Best Practices

Implements robust testing strategies across the full stack using modern frameworks and proven architectural patterns.

TestSpec Project Setup

Initializes a structured testing workflow by creating directory hierarchies and comprehensive test proposals linked to requirements.

API to JMeter (JMX) Generator

Converts API documentation, curl commands, and Postman collections into executable Apache JMeter JMX test scripts automatically.

TestSpec Case Generator

Generates structured test cases from markdown specifications and exports them to professional Excel and XMind formats.