Security & Testing Claudeスキル

OpenWebF Security Suite

Conducts comprehensive security audits for OpenWebF applications focusing on remote content, XSS prevention, and store compliance.

Python Testing Patterns

Implements robust Python testing suites using pytest, advanced mocking, and test-driven development best practices.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure all production code is justified by a failing test.

Infrastructure Compliance Checker

Analyzes cloud infrastructure configurations to ensure compliance with SOC2, HIPAA, and PCI-DSS standards.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure code reliability by requiring failing tests before any implementation code is written.

HIPAA Compliance Checker

Scans codebases, infrastructure configurations, and documentation to identify potential HIPAA compliance violations and security risks.

File Path Traversal Security Testing

Provides a comprehensive framework for identifying, testing, and remediating directory traversal and Local File Inclusion (LFI) vulnerabilities in web applications.

FFUF Web Fuzzing Skill

Streamlines web fuzzing workflows with expert guidance on FFUF for discovering hidden content, subdomains, and vulnerabilities during penetration testing.

Verification Before Completion

Enforces rigorous, evidence-based confirmation through command execution before any work is marked as complete or committed.

Probitas Setup

Initializes Probitas environments and configures end-to-end testing frameworks for your project.

Security Incident Responder

Guides teams through the full security incident response lifecycle from initial classification to post-incident remediation.

Load Balancer Tester

Automates the validation of load balancing strategies, including traffic distribution, failover scenarios, and health check integrity.

Probitas Test Framework Helper

Simplifies backend E2E testing by providing instant documentation and implementation patterns for the Probitas framework.

Vulnerability Scanner

Identifies and reports security vulnerabilities, CVEs, and configuration weaknesses across your codebase and project dependencies.

Plugin Auditor

Performs comprehensive security and compliance audits for Claude Code plugins to ensure high-quality standards and marketplace readiness.

Code Review Correctness

Analyzes source code to identify complex logic bugs, unhandled edge cases, and critical error handling failures before they reach production.

SMTP Penetration Testing

Conducts comprehensive security audits of SMTP servers to identify vulnerabilities like open relays, user enumeration flaws, and weak authentication.

Security Scanning

Performs automated security audits to detect hardcoded secrets, OWASP vulnerabilities, and insecure dependency versions in codebases.

Systematic Test Debugger

Diagnoses failing tests through a structured workflow of stack tracing, input verification, and comprehensive reporting.

SSH Penetration Testing

Conducts comprehensive SSH security audits including service discovery, configuration analysis, credential testing, and advanced tunneling techniques.

Claude Plugin Auditor

Automates security, compliance, and best practice audits for Claude Code plugins to ensure production-readiness and marketplace standards.

CORS Policy Validator

Validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure policy compliance.

Claude Plugin Validator

Automates the validation of Claude Code plugin structures, schemas, and security compliance to ensure adherence to repository standards.

Universal Validator

Validates Claude Code skills and plugins using deterministic evidence bundles and strict schema enforcement.

Agent Evaluation Framework

Evaluates AI agent performance using multi-dimensional rubrics, LLM-as-judge patterns, and complexity-stratified test sets.

Mutation Test Runner

Validates test suite quality by introducing code mutations and analyzing the ability of tests to detect logic changes.

Test Coverage Analyzer

Analyzes code coverage metrics and identifies untested code to improve software quality and test suite reliability.

Security Code Review Agent

Conducts comprehensive security audits to identify vulnerabilities like SQL injection and XSS while providing actionable remediation guidance.

Smart Source Reviewer

Analyzes code diffs to identify bugs, regressions, and design system inconsistencies in Astro and TypeScript projects.

System Performance Testing

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks and optimize performance.