Security & Testing Claudeスキル

Security Operations

Provides comprehensive operational security guidance for web application deployment, monitoring, and secret management.

Defense-in-Depth Validation

Implements multi-layered validation strategies to eliminate bugs and ensure data integrity across all system boundaries.

Subagent Skill Testing

Verifies skill reliability and pressure resistance through a quantitative TDD cycle and compliance scoring.

Payment Security

Implement secure subscription billing and payment gating using Clerk Billing and Stripe while ensuring PCI-DSS compliance through outsourced card data handling.

Web Application Testing Toolkit

Automates local web application testing and browser interaction using Playwright and integrated server management utilities.

Pre-Commit Design Review

Validates TypeScript and React code against design principles, accessibility standards, and architectural best practices beyond what standard linters can enforce.

Security Coordinator

Orchestrates RAN security using cognitive threat detection, predictive modeling, and intelligent policy management for 5G networks.

Refactoring

Enhances code maintainability and reduces complexity through autonomous linter-driven patterns like storifying and dependency rejection.

Web App Testing & Playwright Automation

Automates end-to-end testing and browser interactions for local web applications using Playwright and managed server lifecycles.

IDA Pro Plugin Packager

Streamlines the creation, validation, and distribution of IDA Pro plugins for the Hex-Rays Plugin Manager.

Codex External Review

Requests a second perspective from OpenAI's Codex models to identify gaps, risks, and architectural flaws in technical designs and implementations.

React Testing Patterns

Applies best practices for React and TypeScript testing by prioritizing user behavior, accessible queries, and realistic API mocking.

Skill Test-Driven Development

Ensures AI agents follow specific process guidelines by applying TDD principles to skill documentation through pressure testing and loophole refactoring.

Code Analyzer

Analyzes code structure, patterns, and quality to identify potential issues and architectural improvements without modifying source files.

Linter-Driven Development

Orchestrates a comprehensive development workflow for TypeScript and React by integrating design, automated testing, linting loops, and pre-commit reviews.

Resource Exhaustion Security

Identifies and mitigates resource exhaustion and denial-of-service vulnerabilities in AI-generated code by implementing strict operational limits and resource-aware patterns.

Verification & Quality Assurance

Ensures code reliability and output accuracy through real-time truth scoring, automated quality checks, and intelligent rollbacks.

Standardized Bugfix Workflow

Implements a structured, TDD-driven bugfix process with automated confidence scoring and quality gate validation.

Spec-Driven Implementation

Implements features using a rigorous TDD workflow with automated task tracking and requirement traceability.

Sandbox Manager

Configures and manages security sandboxing for Claude Code to ensure isolated and restricted execution of untrusted or sensitive code.

Skill Validator

Ensures skill and Model Context Protocol (MCP) implementations align with their manifests by performing Codex-powered semantic comparisons of code against descriptions, preconditions, and effects.

Security Headers

Configures robust HTTP security headers to protect web applications against clickjacking, cross-site scripting (XSS), and data exfiltration.

Claude Permissions

Manages and configures security permissions, sandboxing environments, and tool access protocols for Claude Code.

Command Safety & Categorization Specialist

Manages and optimizes command safety classification rules to ensure secure execution and accurate documentation verification.

Gemini Policy Engine Builder

Configures and manages secure tool execution policies for Gemini CLI using TOML-based rules and priority tiers.

Web App Testing & Playwright Automation

Automates local web application testing and UI verification using Playwright and intelligent server lifecycle management.

Rate Limiting

Protects web applications from brute force attacks, automated spam, and costly resource abuse through intelligent request frequency control.

Skill Description Evaluator

Automates multi-model skill description analysis using structured, sequential thinking to generate ratings and recommendations.

Code Review

Automates comprehensive code quality analysis, security vulnerability scanning, and architectural compliance checks to ensure production-grade standards.

Dependency & Supply Chain Security

Audits and secures software dependencies to prevent supply chain attacks and mitigate known vulnerabilities in application packages.