Security & Testing Claudeスキル

Burp Suite Web Application Testing

Executes comprehensive web application security testing and vulnerability scanning using Burp Suite's integrated toolset.

Wireshark Network Traffic Analysis

Analyzes network traffic using Wireshark to capture, filter, and troubleshoot network protocols and security anomalies.

API Security Best Practices

Implements robust security patterns for APIs, including authentication, authorization, input validation, and protection against common vulnerabilities.

Shodan Security Reconnaissance

Performs advanced reconnaissance and vulnerability discovery for internet-exposed devices using the Shodan search engine.

API Security Best Practices

Secures backend services by implementing robust authentication, authorization, input validation, and rate-limiting patterns.

Linux Privilege Escalation

Performs systematic privilege escalation assessments on Linux systems to identify and exploit security misconfigurations for root-level access.

Ethical Hacking Methodology

Guides users through the complete penetration testing lifecycle, from reconnaissance and vulnerability scanning to exploitation and professional reporting.

SQL Injection Security Testing

Executes comprehensive SQL injection vulnerability assessments to identify database flaws and validate input sanitization.

Linux Privilege Escalation

Conducts systematic privilege escalation assessments on Linux systems to identify and exploit security misconfigurations and vulnerabilities.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specifications, tasks, and design documents before archival.

OpenSpec Implementation Verifier

Validates that code implementations align perfectly with specification, task, and design artifacts before final archiving.

Vulnerability Scanner

Conducts advanced security audits and risk assessments based on OWASP 2025 standards and modern threat landscapes.

Spanner Unit Testing

Automates the setup, execution, and cleanup of Go unit tests that require the Google Cloud Spanner emulator.

TDD Green Phase Expert

Implements the minimal code required to pass failing tests while strictly adhering to Test-Driven Development principles.

TDD Red Phase Expert

Enforces the 'test-first' principle of Test-Driven Development by guiding users to write failing tests before implementation.

Web App Testing & Playwright Toolkit

Automates end-to-end testing and browser interactions for local web applications using Playwright and server management utilities.

Test-Driven Design (TDD) Expert

Guides the design, implementation, and review of high-value tests across unit, integration, and E2E layers using a behavior-focused workflow.

Claude Plugin Verification

Validates Claude extensions and plugin components to ensure compliance with schema, structure, and runtime requirements before release.

Eval Harness for Claude Code

Implements a formal evaluation framework for Claude Code workflows using Eval-Driven Development (EDD) principles.

Spec Gap Analysis

Automates the comparison of specification documents against source code to identify unimplemented features and implementation drift.

Security Review & Hardening

Enforces comprehensive security checklists and provides implementation patterns for authentication, input validation, and sensitive data handling.

Claude Code Cross-Review

Implements a multi-agent review workflow that subjects code changes to three parallel expert audits before finalizing commits.

Spring Boot Verification Loop

Automates a comprehensive verification pipeline for Spring Boot applications, including builds, tests, security scans, and code quality checks.

TDD Workflow

Enforces test-driven development practices to ensure high-quality code with a minimum of 80% test coverage across unit, integration, and E2E tests.

Spring Boot Security Pro

Enforces Spring Security best practices for authentication, authorization, and vulnerability mitigation in Java applications.

Django Security Expert

Hardens Django applications using industry-standard security configurations, authentication patterns, and vulnerability protection strategies.

Django Verification Suite

Automates a comprehensive verification pipeline for Django projects, covering migrations, security audits, test coverage, and deployment readiness.

Security Review

Conducts comprehensive security audits and implements defensive coding patterns to protect applications from vulnerabilities.

Security Scan & Agent Hardening

Audits AI tool configurations, MCP servers, and instruction files for security vulnerabilities and injection risks.

Python Testing Strategies

Implements comprehensive Python testing workflows using pytest, TDD methodologies, and advanced mocking techniques.