Security & Testing Claudeスキル

Root Cause Tracing

Systematically traces bugs backward through the call stack to identify and fix the original trigger rather than just treating symptoms.

Claude Plugin Auditor

Automates security, compliance, and quality audits for Claude Code plugins to ensure they meet production standards.

Vulnerability Scanner

Performs automated security audits to detect code flaws, vulnerable dependencies, and insecure configurations within your project.

Defense-in-Depth Validation

Implements a multi-layered validation strategy to catch bugs at every system boundary and make structural failures impossible.

Security Incident Responder

Guides users through the complete security incident response lifecycle from initial triage and containment to forensic investigation and recovery.

OWASP Compliance Checker

Scans codebases for web application security vulnerabilities based on the OWASP Top 10 standards to ensure production-ready security.

Security Audit Reporter

Generates comprehensive security audit reports and compliance assessments to identify system vulnerabilities and provide actionable remediation steps.

Lark Test Case Generator

Generates structured OPML test cases from Lark Project work items and technical documentation automatically.

Plan-Then-Execute

Implements a high-integrity execution pattern that separates planning from action to prevent prompt injection and ensure human oversight.

Threat Modeling Status

Displays a comprehensive overview of security posture, including asset counts, threat distribution, and compliance coverage within Claude Code.

Database Test Manager

Automates the creation of robust database testing environments through data generation, transaction management, and schema validation.

CSRF Protection Validator

Validates web application security by identifying Cross-Site Request Forgery (CSRF) vulnerabilities and auditing protection mechanisms.

Nixtla Release Validation

Automates multi-phase release validation workflows to ensure stability and predict test impacts for Nixtla time-series projects.

Full Threat Modeling Workflow

Automates the end-to-end threat modeling lifecycle from asset discovery to comprehensive risk reporting using industry-standard frameworks.

SOC2 Audit Helper

Streamlines SOC2 audit preparation by automating evidence gathering, report generation, and compliance gap analysis.

Data Privacy Scanner

Scans codebases and configurations to identify PII leaks, regulatory compliance violations, and potential data privacy vulnerabilities.

Go Channel Sync Simulator

Simulates Go-style channel communication patterns using filesystem-based scripts for testing and demonstration purposes.

HTML Lint & Accessibility Runner

Audits web content for WCAG accessibility compliance and HTML structural standards using industry-standard linting tools.

Infrastructure Compliance Checker

Analyzes cloud infrastructure configurations to ensure compliance with SOC2, HIPAA, and PCI-DSS standards.

HIPAA Compliance Checker

Scans codebases, infrastructure configurations, and documentation to identify potential HIPAA compliance violations and security risks.

FFUF Web Fuzzing Skill

Streamlines web fuzzing workflows with expert guidance on FFUF for discovering hidden content, subdomains, and vulnerabilities during penetration testing.

Security Incident Responder

Guides teams through the full security incident response lifecycle from initial classification to post-incident remediation.

Load Balancer Tester

Automates the validation of load balancing strategies, including traffic distribution, failover scenarios, and health check integrity.

Vulnerability Scanner

Identifies and reports security vulnerabilities, CVEs, and configuration weaknesses across your codebase and project dependencies.

Plugin Auditor

Performs comprehensive security and compliance audits for Claude Code plugins to ensure high-quality standards and marketplace readiness.

OSS Solution Implementation

Implements high-quality code and comprehensive tests for open-source contributions while strictly following project standards.

Code Review Correctness

Analyzes source code to identify complex logic bugs, unhandled edge cases, and critical error handling failures before they reach production.

Claude Plugin Auditor

Automates security, compliance, and best practice audits for Claude Code plugins to ensure production-readiness and marketplace standards.

CORS Policy Validator

Validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure policy compliance.

Claude Plugin Validator

Automates the validation of Claude Code plugin structures, schemas, and security compliance to ensure adherence to repository standards.