Security & Testing Claudeスキル

Hookify Rule Writer

Configures custom validation rules and automated guardrails to govern Claude Code's behavior and command execution.

QA & Verification Suite

Automates comprehensive quality assurance workflows from initial criteria design to qualitative fitness assessments and acceptance testing.

Test Investigation & Debugging

Simplifies test debugging by providing a specialized logger that only activates during test execution to trace failures without polluting production code.

Hookify Rule Authoring

Enables the creation of custom automation rules and guardrails for Claude Code using the Hookify plugin.

Automated Web App Testing

Automates local web application testing and UI verification using Playwright scripts and integrated server management.

Project Workflow Auditor

Audits repositories for security vulnerabilities, CI/CD safety, and compliance with engineering standards to ensure production readiness.

Gateway Bookkeeper

Enforces Model Context Protocol (MCP) tool usage through a centralized gateway to ensure policy-driven execution and auditable logging.

QA Release Gate Agent

Automates risk-based testing, CI/CD quality gate verification, and release readiness reporting to ensure production stability.

Web Application Testing

Automates end-to-end testing and UI verification for local web applications using Playwright scripts.

Debug Team Workflow

Orchestrates a structured full-repository debugging process including triage, bug logging, and verified fixes.

Memory Safety Patterns

Implements memory-safe programming patterns like RAII and ownership across Rust, C++, and C to prevent critical resource management bugs.

Data Quality Frameworks

Implements robust data validation pipelines using Great Expectations, dbt tests, and formalized data contracts.

Council Codebase Intelligence

Conducts multi-agent codebase audits and architectural reviews to provide synthesized, CTO-level insights and readiness assessments.

Memory Forensics & Malware Analysis

Analyzes system memory dumps to detect malware, extract forensic artifacts, and investigate security incidents using Volatility 3 and professional acquisition tools.

Kubernetes Security Policies

Implement production-grade Kubernetes security using NetworkPolicies, Pod Security Standards, and granular RBAC configurations.

Solidity Security

Implements industry-standard security patterns and audits Solidity smart contracts to prevent critical blockchain vulnerabilities.

Web3 Smart Contract Testing

Facilitates comprehensive smart contract testing using Hardhat and Foundry frameworks to ensure security, reliability, and gas efficiency.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure web application reliability.

STRIDE Threat Analysis Patterns

Implements the STRIDE methodology to systematically identify, categorize, and mitigate security threats during system design and code review.

Parallel Debugging Framework

Systematizes complex issue resolution through structured hypothesis testing and parallel evidence collection to eliminate debugging bias.

SAST Configuration & Security Scanning

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Attack Tree Construction

Builds systematic attack tree visualizations and threat path analyses to identify security vulnerabilities and defense gaps.

Temporal Python Testing

Provides comprehensive strategies and patterns for testing Temporal workflows using pytest, time-skipping, and determinism validation.

Threat Mitigation Mapping

Maps identified security threats to specific controls and mitigations to strengthen application defense-in-depth.

Debugging Strategies

Employs systematic debugging techniques and profiling tools to identify and resolve complex code issues across any technology stack.

Python Testing Patterns

Implements robust Python testing suites using pytest, advanced fixtures, and comprehensive mocking strategies.

Binary Analysis Patterns

Master reverse-engineering through disassembly, decompilation, and structural pattern recognition in compiled binaries.

WCAG Accessibility Audit & Compliance

Conducts comprehensive WCAG 2.2 accessibility audits and provides actionable remediation strategies for web applications.

Security Requirement Extraction

Transforms abstract threat models into actionable security requirements, user stories, and test specifications.

JavaScript Testing Patterns

Implements robust testing architectures for JavaScript and TypeScript projects using Jest, Vitest, and modern best practices.