Security & Testing Claudeスキル

Proof of Work

Mandates transparent and verifiable development workflows by requiring concrete evidence for every claim made about code quality, tests, and agent tasks.

Fnox Secrets Providers Configuration

Configures encryption and secret storage providers for Fnox to enable secure, multi-environment secrets management.

Vitest Configuration Specialist

Configures and optimizes Vitest testing environments, workspace setups, and Vite integrations for modern JavaScript and TypeScript applications.

JUnit Testing Extensions

Simplifies the creation and management of custom JUnit extensions, rules, and conditional test execution patterns for Java applications.

Mocha Configuration Expert

Configures and optimizes Mocha testing environments including reporters, plugins, and CI/CD integrations for professional JavaScript development.

Storybook Play Functions

Automates component interaction testing and user behavior simulation within Storybook stories.

Cucumber Best Practices for Claude Code

Guides Claude in writing high-quality, declarative Cucumber scenarios and Gherkin steps that align with professional BDD standards.

Vitest Performance Optimization

Optimizes Vitest test suites for speed through parallelization, efficient configuration, and intelligent watch mode strategies.

Elixir Credo Custom Checks

Generates and implements custom Credo rules to enforce project-specific code quality and security standards in Elixir applications.

Fnox Secrets Configuration

Configures secure and version-controlled secrets management using the Fnox framework and hierarchical TOML files.

Custom Checkstyle Development

Develops specialized Java code standards through custom Checkstyle checks, filters, and plugin integrations.

Playwright Fixtures and Hooks

Manages complex test state and infrastructure through reusable Playwright fixtures and lifecycle hooks for maintainable E2E suites.

Bug Investigation & Planning

Generates comprehensive bug fix plans featuring root cause analysis and validation strategies to ensure robust software resolutions.

E2E Critical Coverage Auditor

Audits E2E test coverage for high-risk business paths and user journeys using a risk-based scoring system.

Dependencies & Reuse Auditor

Audits project dependencies and code reuse to identify outdated packages, unused libraries, and custom implementations of standard features.

Dependency Upgrader

Automates dependency updates across multiple languages and package managers with security audits and build verification.

Regression Checker

Runs existing test suites automatically to detect code regressions and ensure project stability after implementation changes.

Code Quality Checker

Analyzes completed implementation tasks against DRY, KISS, YAGNI, and architectural principles to ensure production-ready code.

Test Runner Automator

Automates test execution and coverage reporting across multiple programming languages and frameworks.

Codebase Auditor & Health Coordinator

Coordinates nine specialized AI workers to perform comprehensive codebase audits across security, architecture, and quality domains.

Spec Format Converter

Converts software specifications between various formats like EARS, Gherkin, and Kiro while maintaining semantic integrity.

Plan Test Data Strategy

Generates comprehensive test data strategies including synthetic generation, PII anonymization, and environment-specific management.

Chaos Engineering Planner

Designs robust chaos engineering experiments and GameDay plans to identify system failure modes and improve resilience.

Comprehensive Security Review

Conducts exhaustive security audits by orchestrating code analysis, secrets scanning, and dependency vulnerability checks in parallel.

Shipyard Systematic Debugging

Enforces a disciplined four-phase debugging framework to identify root causes and eliminate inefficient guess-and-check fixing cycles.

Multi-Identity Git Configuration

Configures directory-scoped Git identities to automate switching between work and personal emails, GPG keys, and SSH credentials.

Shipyard TDD

Enforces a strict Test-Driven Development (TDD) workflow for feature implementation and bug fixes within Claude Code.

Security Audit & Hardening

Performs comprehensive security reviews of code, dependencies, and infrastructure to identify vulnerabilities and prevent data leaks.

Shipyard Verification Gate

Enforces rigorous verification and evidence-based reporting before allowing tasks to be marked as complete, fixed, or ready for commit.

MCP Security & Config Auditor

Audits Model Context Protocol (MCP) server configurations to ensure security, compliance, and optimal performance across project and global settings.