Security & Testing Claudeスキル

SMTP Penetration Testing

Performs comprehensive security audits and vulnerability assessments on SMTP mail servers to identify misconfigurations and exposure risks.

Web App Testing Toolkit

Facilitates end-to-end testing and interaction with local web applications using Playwright and automated server management.

TDD Workflow

Implements Test-Driven Development principles using the Red-Green-Refactor cycle to ensure robust and maintainable code.

Red Team & Bug Bounty Methodology

Automates professional reconnaissance and vulnerability discovery workflows using industry-standard red teaming tools and methodologies.

XSS & HTML Injection Security Testing

Conducts comprehensive security audits to identify, exploit, and remediate Cross-Site Scripting and HTML injection vulnerabilities in web applications.

Skill Testing with Subagents

Applies the RED-GREEN-REFACTOR cycle to process documentation to ensure AI agents follow instructions under high-pressure scenarios.

Condition-Based Waiting

Eliminates flaky tests and race conditions by replacing arbitrary timeouts with intelligent state-based condition polling.

Defense-in-Depth Validation

Implements multi-tiered data validation strategies to prevent deep execution failures and make software bugs structurally impossible.

Root Cause Tracing

Systematically traces bugs through the call stack to identify original triggers and implement long-term fixes.

Testing Anti-Patterns Guard

Eliminates common testing mistakes by enforcing strict TDD principles and preventing mock-related technical debt.

Systematic Debugging

Implements a rigorous four-phase framework to identify root causes and resolve complex technical issues without introducing regressions.

Parallel Agent Dispatcher

Accelerates debugging by dispatching multiple independent Claude agents to investigate and resolve concurrent system failures.

Cloud Penetration Testing

Conducts comprehensive security assessments and penetration tests across AWS, Azure, and Google Cloud Platform environments.

Verification Before Completion

Enforces rigorous, evidence-based verification before claiming any programming task or bug fix is complete.

Engineering Vibe Audit

Conducts a rigorous 20-metric technical audit to evaluate code quality, production readiness, and AI-generated slop.

AI Code Reviewer

Performs systematic code audits to identify security vulnerabilities, logic bugs, and maintainability issues with actionable feedback.

Story-Driven Acceptance Testing

Guides Product Owners through manual verification steps to validate features before they are merged into production.

Privilege Escalation Methods

Provides expert techniques and commands for escalating user privileges on compromised Linux and Windows systems.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to identify, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

XSS and HTML Injection Security Tester

Conducts comprehensive security assessments to identify and demonstrate cross-site scripting and HTML injection vulnerabilities in web applications.

Privilege Escalation Toolkit

Provides comprehensive methodologies and commands for elevating user privileges on Linux and Windows systems during security assessments.

Task Module Testing

Automates the planning, implementation, and verification of unit and integration tests across multiple programming domains.

Java Issue Triage Extension

Triages Java-related findings and static analysis issues during the finalization phase of the AI coding workflow.

Web Access Security & Permissions

Manages WebFetch permissions through security assessment patterns and trusted domain verification standards.

SonarQube Workflow Integration

Automates the retrieval, triage, and resolution of SonarQube issues within your development workflow.

Plugin Development Triage Extension

Streamlines the triage of marketplace plugin findings by providing decision-making guidelines for testing and validation errors.

Verification Mode for Plan Marshall

Enforces a strict verification protocol that halts execution on errors or workarounds to ensure reliable AI orchestration and root cause resolution.

CUI Java Testing Standards

Enforces standardized Java testing patterns using CUI libraries for reliable data generation and contract validation.

JUnit Core Testing

Standardizes Java unit testing using JUnit 5 with the Arrange-Act-Assert (AAA) pattern and strict coverage requirements.

Security Review Specialist

Conducts comprehensive security audits, threat modeling, and remediation guidance for software projects using standardized safety frameworks.