Security & Testing Claudeスキル

Theodore Calvin Testing (tc)

Automates language-agnostic differential testing by comparing JSON outputs against specifications.

Pytest Testing Patterns

Implements a TDD-first approach for high-quality FastAPI testing using production-ready pytest patterns and database isolation.

Code Review Patterns & Security Audit

Performs rigorous security audits and code quality reviews using OWASP standards, Clean Code principles, and supply chain integrity checks.

Trail of Bits CodeQL Security

Performs advanced interprocedural static analysis and security auditing using the CodeQL framework.

Sharp Edges Security Audit

Identifies dangerous API patterns and common security vulnerabilities within React, Next.js, and Supabase codebases.

Security Audit

Conducts comprehensive security vulnerability assessments using over 120 specialized checks including OWASP compliance and database security.

Codebase Stability Audit

Performs comprehensive health checks on your project to ensure stability, security, and best practices across 98+ distinct parameters.

BayesFlow Testing Patterns

Streamlines the creation and debugging of robust tests for BayesFlow extension packages using Keras 3 and PyTorch.

Fact-Checking & Self-Assessment

Validates factual claims, assesses implementation quality, and ensures AI outputs meet production-grade standards through automated self-verification.

Smart Test Fixing

Systematically identifies, groups, and resolves failing test suites using an intelligent root-cause analysis workflow.

Rapid7 InsightVM Vulnerability Scanning

Deploys and configures Rapid7 InsightVM for comprehensive vulnerability management and automated security scanning across enterprise environments.

Rust Unsafe & FFI Guide

Provides expert guidance and safety patterns for writing sound unsafe code and FFI bindings in Rust.

HIPAA Compliance Guide

Provides expert guidance and technical safeguards for developing HIPAA-compliant healthcare applications and handling Protected Health Information (PHI).

GDPR Compliance Expert

Implements GDPR-compliant coding patterns and privacy-by-design principles to protect user data and ensure legal adherence.

Advanced Windows Defender Configuration

Hardens Windows endpoints by configuring Microsoft Defender advanced protection settings, ASR rules, and exploit mitigations.

TDD Workflow & Test Coverage

Enforces test-driven development principles by requiring comprehensive test suites and 80%+ code coverage for every code change.

Web Application Testing

Automates browser-based testing and UI verification for local web applications using Playwright.

Production Reality Checker

Enforces evidence-based production certification by auditing system health, cross-validating QA findings, and preventing premature release approvals.

API Tester & Security Validator

Validates, stress-tests, and secures API endpoints and Supabase integrations to ensure robust performance and security before deployment.

Threat Detection Engineer

Builds high-fidelity security detection rules and maps MITRE ATT&CK coverage to identify and mitigate cyber threats across enterprise and cloud environments.

Forensics Investigator

Conducts professional-grade digital forensic investigations to reconstruct attack timelines and preserve evidentiary integrity after security breaches.

Legal Compliance

Audits and maintains GDPR, SOC2, and data privacy compliance for SaaS products and client data handling practices.

Tool Evaluator

Evaluates and benchmarks testing libraries and development tools using evidence-based scoring and stack-specific compatibility checks.

Security Engineer for Supabase & Expo

Secures Supabase and Expo applications by auditing RLS policies, hardening Edge Functions, and validating payment integrations with an adversarial mindset.

Compliance Auditor

Automates security audits and regulatory compliance workflows for SOC 2, GDPR, HIPAA, and PCI-DSS.

Offensive Security Engineer

Conducts red team assessments and penetration tests to identify, exploit, and validate security vulnerabilities with working proof-of-concepts.

Threat Intelligence Analyst

Conducts advanced cyber threat intelligence analysis to profile APT actors, map campaign infrastructure, and produce actionable strategic and tactical reports.

Test Analyzer & Visual QA

Conducts comprehensive quality audits by combining automated test results analysis with visual evidence collection across mobile and web platforms.

Avad Guard

Safeguards production environments by monitoring destructive terminal commands and enforcing directory-scoped edit boundaries.

HarshJudge E2E Testing Orchestrator

Orchestrates comprehensive end-to-end testing across frontend, backend, and CLI environments using an AI-native step-based agent pattern.