Security & Testing Claudeスキル

TDD with Pest PHP for Symfony

Implements a robust Test-Driven Development workflow for Symfony applications using Pest PHP and Zenstruck Foundry.

API Security & Compliance

Hardens API implementations by identifying vulnerabilities, enforcing authentication patterns, and ensuring OWASP compliance.

Symfony E2E Testing (Panther & Playwright)

Automates end-to-end browser testing for Symfony applications using Panther and Playwright to ensure seamless user flows.

Bitwarden Secret Manager

Automates the identification and creation of missing Bitwarden credentials using the Bitwarden CLI for secure environment setup.

Symfony Rate Limiting

Implements robust request throttling and API protection for Symfony applications using advanced rate-limiting algorithms.

API Platform Testing for Symfony

Streamlines functional testing for Symfony API Platform resources using ApiTestCase and Zenstruck Foundry.

Defense-in-Depth Validation

Implements a multi-layered validation strategy to ensure software reliability and prevent bugs at every architectural level.

Mutation Testing

Validates test suite effectiveness by introducing deliberate code mutations to identify and fix weak test cases.

Doctrine Fixtures with Foundry

Generates realistic, type-safe test data and fixtures for Symfony applications using Zenstruck Foundry factories.

Test Documentation Creator

Generates and validates professional testing strategies and test organization documentation for software projects.

Symfony Functional Testing

Automates the creation of comprehensive functional tests for Symfony applications using WebTestCase and BrowserKit.

Symfony Test Doubles & Mocking

Generates PHPUnit mocks, Prophecy doubles, and test fakes to facilitate isolated unit testing within Symfony applications.

Bun Test Lifecycle

Manages test setup and teardown routines using Bun's native testing lifecycle hooks and preload scripts.

Jest Unit Test Generator

Generates comprehensive Jest unit tests for JavaScript and TypeScript projects with automated mocking and coverage support.

Security Headers Configuration

Configures robust HTTP security headers to protect web applications against common browser-based attacks like XSS, clickjacking, and MIME sniffing.

CSRF Protection

Safeguards web applications by implementing multi-layered Cross-Site Request Forgery (CSRF) defenses and secure token patterns.

OAuth Implementation

Implements secure OAuth 2.0 and OpenID Connect authentication flows for web and mobile applications.

Verification Before Completion

Enforces rigorous evidence-based verification protocols to ensure code accuracy and quality before any task is finalized.

API Testing

Automates the creation and management of robust HTTP API tests for TypeScript and Python environments.

API Contract Testing

Verifies API reliability between microservices using consumer-driven contracts and schema validation to prevent breaking changes.

Access Control & RBAC

Implements secure, fine-grained access control systems using RBAC, ABAC, and policy-driven authorization patterns.

Cloudflare Workers Security

Implements production-ready security patterns for Cloudflare Workers including authentication, rate limiting, and input validation.

Cloudflare Workers Testing

Implements comprehensive unit and integration testing for Cloudflare Workers using Vitest and the official workers pool for high-fidelity simulation.

Test Quality Analysis

Analyzes and improves test suites by detecting test smells, overmocking, flaky tests, and coverage gaps.

Impact Analyzer

Analyzes codebase dependencies and assesses breaking change risks before implementing code modifications.

Better Auth Integration

Streamlines the integration of the Better Auth framework into TypeScript applications with optimized patterns for Cloudflare D1, Next.js, and Nuxt.

XSS Security & Prevention

Implements robust cross-site scripting (XSS) protections through advanced input sanitization, output encoding, and secure Content Security Policy configurations.

Skill Review Auditor & Validator

Performs a systematic 15-phase audit of Claude Code skills to ensure documentation accuracy, API currency, and standards compliance.

Rails Security

Implements comprehensive Rails security patterns including field-level encryption, granular authorization policies, and protection against common web vulnerabilities.

Clerk Authentication

Implements secure user authentication and session management using Clerk for React, Next.js, and Cloudflare Workers.