Security & Testing Claudeスキル

Secure Auth Patterns

Implements industry-standard authentication and authorization architectures including OAuth 2.0, PKCE, and JWT best practices.

Hook Reviewer

Audits and validates Claude Code hook scripts for security vulnerabilities, specification compliance, and reliable performance.

Workflow Debug

Debugs software errors systematically using a five-step analysis and multi-layer verification workflow.

Playwright Selector Expert

Optimizes Playwright E2E tests by implementing robust, accessible, and user-facing locator strategies.

Eval Harness for Claude Code

Implements Eval-Driven Development (EDD) principles to define, track, and validate AI-generated code quality through formal evaluation frameworks.

Web Application Testing with Playwright

Automates and validates local web application functionality using Playwright for end-to-end testing and UI debugging.

E2E Test Runner

Automates the creation, maintenance, and execution of comprehensive end-to-end testing suites including CI/CD integration.

QA Pipeline Guard

Automates rigorous quality assurance testing and pipeline validation as a final gate before deployment.

ISMS Audit Expert

Manages Information Security Management System (ISMS) audits and ISO 27001 compliance workflows through structured control assessments and finding management.

TDD Workflow & Quality Assurance

Enforces disciplined Test-Driven Development (TDD) to achieve 80%+ test coverage across unit, integration, and E2E testing layers.

Verification Loop

Implements a multi-phase validation workflow to ensure code quality, type safety, and security before finalizing changes.

xUnit .NET Testing

Authors and optimizes xUnit v3 and v2 tests for .NET applications, including complex data-driven theories and shared fixtures.

Gardener Session Replay

Generates deterministic session recording files and reproduction tests from Gardener TUI runtime errors.

Security Reviewer

Conducts comprehensive security audits and implements defensive coding patterns to protect applications from common vulnerabilities.

Frontend Testing for Dify

Generates Vitest and React Testing Library tests for Dify frontend components, hooks, and utilities while ensuring high code coverage.

End-to-End Test Runner

Automates the creation, maintenance, and execution of comprehensive end-to-end testing suites including CI/CD integration.

.NET Time Testing & TimeProvider Guidance

Implements reliable testing for time-dependent logic in .NET applications using the TimeProvider and FakeTimeProvider abstractions.

API Test Suite Builder

Automates the creation of comprehensive API test suites by scanning route definitions across multiple web frameworks.

Systematic Debugger

Systematically investigates and resolves software bugs, errors, and unexpected behaviors using evidence-based workflows.

Data Flow Path Tracer

Analyzes and traces the movement of data from sources to sinks to ensure security, integrity, and clear data provenance.

Security Hardening for AI Usage Monitor

Strengthens the security posture of the AI Usage Monitor by enforcing strict data handling and secure communication protocols.

Badminton Mobile Playwright QA

Automates mobile-first end-to-end testing for badminton AI analysis flows using Playwright and comprehensive API mocking.

Code Change Verification

Validates code integrity by executing a comprehensive suite of builds, linting, and multi-level tests before task completion.

Repo Audit & Safety Monitor

Conducts non-destructive repository health audits and low-risk remediation to ensure operational stability and documentation alignment.

Systematic Debugging

Enforces a rigorous four-phase framework to identify root causes and prevent regression before implementing any code fixes.

.NET Snapshot Testing with Verify

Implements robust snapshot and approval testing for .NET applications using the Verify library to validate complex objects and API responses.

Environment & Secrets Manager

Manages environment variable lifecycles and implements robust secret leak detection to secure development and deployment workflows.

MCP Tool Validator

Automates functional testing and lifecycle validation for Model Context Protocol (MCP) servers and tools.

Code Quality Analyzer

Performs deep, multi-dimensional code quality audits using automated analyzers and specialized AI agents to generate actionable scores and improvement plans.

GDPR & DSGVO Compliance Expert

Automates GDPR and German DSGVO compliance through codebase privacy scans, DPIA generation, and data subject rights tracking.