Security & Testing Claudeスキル

Remediation: Injection Vulnerabilities

Provides actionable code patterns and best practices to fix SQL injection, command injection, and cross-site scripting (XSS) across multiple programming languages.

Condition-Based Waiting

Eliminates flaky tests by replacing arbitrary timeouts with condition polling to wait for actual state changes.

Security & Compliance Checklist

Applies comprehensive security audits and OWASP-aligned checks to identify vulnerabilities in application code and architecture.

Authentication Management

Secures and manages authentication flows between Laravel Sanctum backends and Next.js frontends while preventing environment configuration leaks.

Scale Game Architect

Validates software architecture by simulating behavior at extreme scales to uncover hidden bottlenecks and production edge cases.

Security Remediation Library

Provides a centralized index of security remediation guides to help developers fix injection, cryptography, authentication, and configuration vulnerabilities.

Automated Testing & QA

Generates and runs comprehensive test suites with automated coverage reporting and documentation-backed best practices.

Security Compliance & Vulnerability Scanner

Automates security validation, vulnerability scanning, and compliance auditing to ensure secure software development cycles.

TDD Wada Style

Implements high-quality software using the Red-Green-Refactor cycle and behavior-driven test patterns inspired by Takuto Wada's philosophy.

Code Testing & TDD Suite

Generate and run unit and integration tests using pytest and Jest with support for mocks, fixtures, and coverage reporting.

Scale Game Problem Solver

Identifies architectural bottlenecks and hidden edge cases by stress-testing software logic at extreme scales.

Security & Compliance Validator

Protects applications by automating security audits, vulnerability scanning, and environment compliance checks.

TDD Workflow Pro

Enforces the Red-Green-Refactor cycle to ensure test-first development and high code quality.

Security Compliance & Scanning

Automates security audits, vulnerability scanning, and compliance validation for software development workflows.

Professional Code Reviewer

Performs in-depth code quality analysis and provides actionable, structured feedback to improve maintainability, security, and performance.

MoAI TRUST Enterprise Quality Framework

Enforces the TRUST 4 principles—Test First, Readable, Unified, and Secured—to ensure production-grade software quality and enterprise governance.

Bug Fix Plan Critic

Evaluates and scores proposed bug fix plans to ensure technical correctness, completeness, and risk mitigation.

GitHub Actions Hardening

Hardens GitHub Actions workflows against script injection, supply chain attacks, and unauthorized privilege escalation.

Authentication Handler

Manages secure authentication, authorization, and user sessions using standardized API wrappers and frontend hooks.

Testing Strategy

Architects comprehensive testing frameworks and implementation patterns to ensure high-quality, resilient codebases.

JeriCommerce QA Specialist

Streamlines quality assurance for the JeriCommerce platform by automating test planning, API execution, log inspection, and Linear documentation.

Web App Testing with Playwright

Facilitates end-to-end testing and UI debugging of local web applications using native Playwright automation scripts.

Implementation Verifier

Ensures code implementations strictly adhere to PRD requirements by validating architectural boundaries and package dependencies.

Testing Coverage Standards

Implements and maintains rigorous testing coverage standards to ensure code reliability and quality throughout the development process.

Engineering Constraint Verification

Verifies business constraints and invariants by generating formal proofs or planning runtime validation checks.

Svelte Debugging & Optimization

Diagnoses and resolves Svelte reactivity issues, hydration mismatches, and state management errors using systematic debugging patterns.

Onvifscan Security Scanner

Audits ONVIF-enabled IP cameras and IoT devices for authentication vulnerabilities and weak credentials.

CarsXE Lien & Theft Check

Verifies a vehicle's legal status by identifying active liens and theft records using the CarsXE API.

Elegant Objects PHP Reviewer

Audits PHP code for compliance with Elegant Objects principles to ensure object-oriented purity and maintainability.

TDD Planning & Testing

Enforces a rigorous, phase-based Test-Driven Development workflow for bash script development using Vitest and automated logs.