Security & Testing Claudeスキル

Kubernetes Security Policies

Implements production-grade Kubernetes security using NetworkPolicy, RBAC, and Pod Security Standards.

Ruzzy Ruby Fuzzer

Enables coverage-guided fuzzing for pure Ruby applications and Ruby C extensions to detect memory corruption and security vulnerabilities.

API Security & Bug Bounty Fuzzing

Conducts comprehensive security assessments and vulnerability discovery for REST, SOAP, and GraphQL APIs.

Harness Orchestrator

Coordinates automated test harnesses and CI test runs to ensure continuous code quality and rapid failure reporting.

Insecure Defaults Detector

Audits codebase for fail-open security vulnerabilities and weak default configurations that risk production exposure.

ERC-4337 Privacy Wallet Development

Develops privacy-preserving ERC-4337 account abstraction wallets for sensitive data like vehicle identities and biometric information.

Wycheproof Crypto Validator

Validates cryptographic implementations using extensive test vectors to protect against known attacks and edge cases.

TON Smart Contract Security Scanner

Audits TON blockchain smart contracts written in FunC to identify and remediate platform-specific security vulnerabilities.

Fix Review

Verifies that security audit remediation commits correctly address findings without introducing new bugs.

Genealogy Domain Auditor

Audits genealogy data models and GEDCOM implementations for standards compliance and architectural integrity.

Solana Security Auditor

Audits Solana smart contracts for security vulnerabilities using a systematic 5-step review framework for both Anchor and native Rust implementations.

Web Application Testing

Automates comprehensive testing and debugging for local web applications using the Playwright framework.

AFL++ Fuzzing Handbook

Implements advanced multi-core fuzzing for C/C++ projects using AFL++ to identify security vulnerabilities and memory corruption bugs.

Top 100 Web Vulnerabilities Reference

Provides a comprehensive guide to identifying, understanding, and mitigating the most critical web application security flaws.

.NET Test Infrastructure Setup

Scaffolds comprehensive test projects for .NET solutions including xUnit, code coverage, and standardized directory structures.

Web Security Vulnerability Reference

Provides a comprehensive, structured guide to identifying, understanding, and mitigating the top 100 web application vulnerabilities.

Agent Evaluation & Benchmarking

Evaluates and benchmarks LLM agents using behavioral testing, reliability metrics, and adversarial assessments to ensure production readiness.

Shodan Reconnaissance & Pentesting

Conducts comprehensive security reconnaissance and vulnerability discovery using Shodan's search engine, CLI, and API.

Privilege Escalation Methods

Provides comprehensive techniques and commands for escalating user privileges on compromised Linux and Windows systems.

Ethical Hacking Methodology

Provides a comprehensive framework for the full penetration testing lifecycle, including reconnaissance, scanning, exploitation, and professional reporting.

Skill Quality Tester

Validates, tests, and scores Claude Code skills to ensure they meet rigorous quality and architectural standards.

Shodan Reconnaissance & Pentesting

Conducts automated network reconnaissance and vulnerability discovery using the Shodan search engine, CLI, and REST API.

API Security & Bug Bounty Fuzzing

Conducts comprehensive security assessments and fuzzing on REST, SOAP, and GraphQL APIs to identify vulnerabilities like IDOR, SQL injection, and authentication bypasses.

Linux Privilege Escalation

Identifies and exploits Linux system misconfigurations to elevate user privileges to root-level access.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments using industry-standard tools for networks, web apps, and cloud infrastructure.

Verification Before Completion

Enforces rigorous evidence-based verification before any code task is marked as complete or committed.

Substrate Vulnerability Scanner

Scans Substrate FRAME pallets for critical vulnerabilities including arithmetic overflows, panic-driven DoS, and incorrect weight calculations.

TDD Discipline & Testing Automation

Enforces strict Test-Driven Development workflows by requiring failing tests before implementation and matching project-specific testing patterns.

Test Runner Automator

Automatically detects and executes multi-framework test suites to provide concise pass/fail summaries after code modifications.

QA Strategy & Quality Metrics

Implements robust testing frameworks and quality metrics to manage technical debt and improve code maintainability.