Security & Testing Claudeスキル

Council Codebase Intelligence

Conducts multi-agent codebase audits and architectural reviews to provide synthesized, CTO-level insights and readiness assessments.

Data Quality Frameworks

Implements robust data validation pipelines using Great Expectations, dbt tests, and formalized data contracts.

Memory Safety Patterns

Implements memory-safe programming patterns like RAII and ownership across Rust, C++, and C to prevent critical resource management bugs.

Cairo/StarkNet Security Scanner

Scans Cairo smart contracts for critical vulnerabilities including arithmetic overflows, L1-L2 messaging flaws, and signature replay attacks.

Instantly Data Privacy & Compliance

Implements PII handling, data retention policies, and GDPR/CCPA compliance patterns for Instantly integrations.

Playwright E2E Testing

Implements robust end-to-end testing patterns using Playwright to verify complete user workflows through real browser interactions.

Notion MCP Security & Credential Management

Secures Notion MCP integrations by providing automated validation hooks, credential storage best practices, and emergency response protocols.

Semgrep Rule Creator

Generates and validates production-quality Semgrep rules to detect security vulnerabilities and complex code patterns using a test-driven approach.

Dead Code Finder

Identifies and removes unused code, commented blocks, unreachable paths, and redundant imports to streamline codebase maintainability.

Obsidian Local Backup Tester

Streamlines the local execution and validation of the Obsidian vault backup service using isolated test configurations.

Web Application Testing Toolkit

Facilitates end-to-end testing and interaction with local web applications using automated Playwright scripts and server management.

Constant-Time Cryptography Analysis

Detects timing side-channel vulnerabilities and secret-dependent operations in cryptographic code across 14+ programming languages.

CodeQL Static Analysis

Performs deep interprocedural static analysis to detect security vulnerabilities and track data flow across complex codebases.

Web Application Testing

Automates and tests local web applications using Playwright with integrated server lifecycle management.

macOS Verified Screenshots

Captures and validates macOS window screenshots using advanced verification logic and automated retries to ensure visual accuracy.

Ash Framework Test Assistant

Runs, analyzes, and debugs Elixir tests within the Ash Framework using intelligent failure diagnosis and suggested fixes.

DevOps Security Auditor

Automates security auditing and vulnerability assessments within development workflows to identify dependencies, secrets, and compliance risks.

Testing Handbook Generator

Automates the creation of specialized security testing skills for Claude Code by analyzing the Trail of Bits Testing Handbook.

Fuzzing Dictionary Guide

Guides fuzz testing by providing domain-specific tokens to reach deeper code paths in parsers and protocols.

Clerk CI/CD & Auth Testing

Automates the setup of Clerk authentication within CI/CD pipelines using GitHub Actions and Playwright for robust end-to-end testing.

OWASP Security Standards

Reviews and implements code according to the latest OWASP security benchmarks, including Top 10:2025 and Agentic AI safety guidelines.

Pytest Python Testing

Automates the creation and management of robust Python test suites using the industry-standard pytest framework.

Computer Use Automation & QA Testing

Automates web application testing by generating Playwright-based test harnesses and natural-language goal files for Gemini 2.5 Computer Use.

Fuzzing Harness Expert

Provides structured techniques and code patterns for writing effective fuzzing harnesses to improve software security and reliability.

LibAFL Fuzzing Library

Builds modular, high-performance custom fuzzers using the LibAFL framework for advanced security testing and research.

TDD Workflow for AWS Automation

Enforces a strict Red-Green-Refactor testing methodology for Python-based AWS infrastructure and CLI tools.

Vue Test Utils Patterns

Implements standardized Vue 3 component testing patterns using Vue Test Utils, Pinia mocking, and async handling.

TypeScript Testing Standards

Enforces a flat, mock-minimal unit testing architecture for Vitest and Jest in TypeScript projects.

TypeScript Type Checker

Executes comprehensive TypeScript type checks using specialized sub-agents or CLI fallbacks to ensure code integrity.

Variant Analysis Expert

Identifies and hunts for recurring security vulnerabilities and bug patterns across entire codebases using systematic pattern-based analysis.