Security & Testing Claudeスキル

Bug Hunters Systematic Auditor

Executes systematic bug hunting through spec reconstruction and adversarial validation to identify high-confidence logic and language-specific flaws.

Community Escalation Framework

Standardizes community incident management through tiered response protocols, stakeholder mapping, and cross-functional coordination.

Backend Test Generator

Automates the creation of comprehensive backend unit and integration tests with mocks and fixtures.

Frontend Component Testing

Automates the generation of comprehensive unit, snapshot, and interaction tests for React and Vue components using React Testing Library.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure high-quality, bug-free production code through test-first implementation.

Verification Before Completion

Enforces rigorous evidence-based validation before any task completion claims, commits, or pull requests.

Systematic Debugging

Enforces a rigorous four-phase root cause analysis process to identify and resolve software bugs before any code changes are proposed.

Visual Regression Testing

Automates the end-to-end setup of visual regression testing for frontend components using Storybook and CI/CD pipelines.

Comprehensive Feature Verification

Verifies software implementations through parallelized agent analysis, automated testing, and detailed evidence compilation.

OWASP Top 10 Security Auditor

Audit and secure codebases against the most critical web application security risks using industry-standard mitigation patterns.

Condition-Based Waiting

Eliminates flaky tests and race conditions by replacing arbitrary timeouts with smart, deterministic condition polling.

Subagent Skill Testing

Validates and stress-tests AI skill documentation using a TDD-inspired Red-Green-Refactor cycle to ensure agent compliance under pressure.

Defense-in-Depth Validation

Ensures application reliability by implementing multi-layered validation patterns that make structural bugs and data corruption impossible to reproduce.

Modern Authentication Patterns

Implements production-ready authentication and authorization workflows using modern security standards like OAuth 2.1, Passkeys, and Argon2id.

Systematic Debugging

Enforces a rigorous, four-phase debugging methodology to identify root causes and ensure reliable software fixes without guesswork.

Preflight Code Quality Checker

Automatically discovers and executes comprehensive code quality checks including linting, type checking, security audits, and testing across multiple programming ecosystems.

Test Data Management

Simplifies the creation and maintenance of robust test datasets through factories, fixtures, and automated seeding strategies.

Test Standards Enforcer

Enforces modern testing best practices and quality gates by validating patterns, naming, and coverage thresholds.

Test Execution & Analysis

Executes comprehensive test suites across backend and frontend environments with automated failure analysis and coverage reporting.

Security Audit & OWASP Compliance

Performs deep security analysis of codebases to identify vulnerabilities, OWASP Top 10 risks, and insecure architectural patterns.

LLM Safety Patterns

Implements production-grade security patterns for LLM integrations to defend against prompt injection and prevent hallucinations.

AI Defense-in-Depth

Implements a robust 8-layer security architecture to harden AI pipelines and protect LLM integrations from end-to-end.

Unit Testing Patterns

Implements robust unit testing patterns and best practices for TypeScript and Python using the AAA pattern and optimized fixtures.

Security Initialization

Automatically configures Claude Code security permissions by detecting project technologies and blocking access to sensitive files and build artifacts.

Input Validation & Sanitization

Implements secure input validation and sanitization patterns using Zod and Pydantic to prevent injection attacks and ensure data integrity.

MSW API Mocking

Intercepts and mocks network requests using Mock Service Worker 2.x to create deterministic frontend tests for REST, GraphQL, and WebSockets.

Security Scanning

Automates vulnerability detection for dependencies, source code, and containers using industry-standard security tools.

Webapp Testing & Playwright Automation

Automates end-to-end web testing using Playwright's autonomous agents for planning, generating, and self-healing tests.

VCR.py HTTP Recording

Records and replays HTTP interactions for Python tests to create deterministic, network-independent, and cost-effective test environments.

Evidence Verification

Verifies development tasks and code changes by collecting verifiable proof including test results, build outputs, and exit codes.