Security & Testing Claudeスキル

Web Security & Vulnerability Reference

Provides a comprehensive, structured catalog of the top 100 web application vulnerabilities with root causes and remediation strategies.

XSS and HTML Injection Security Tester

Conducts comprehensive security assessments to identify and demonstrate cross-site scripting and HTML injection vulnerabilities in web applications.

GitHub Actions Workflow Security

Secures GitHub Actions reusable workflows by implementing input validation, explicit secret inheritance, and supply chain protection patterns.

Cloud Penetration Testing

Conducts comprehensive security audits and penetration tests across AWS, Azure, and Google Cloud Platform environments.

Security Review & Best Practices

Audits code for vulnerabilities and enforces security best practices across authentication, data handling, and API development.

Privilege Escalation Toolkit

Provides comprehensive methodologies and commands for elevating user privileges on Linux and Windows systems during security assessments.

SQLMap Database Pentesting

Automates SQL injection detection and database exploitation using SQLMap's comprehensive security testing methodologies.

XSS & HTML Injection Security Testing

Performs comprehensive security assessments to identify, exploit, and remediate Cross-Site Scripting (XSS) and HTML injection vulnerabilities in web applications.

Red Team Methodology & Security Tools

Streamlines security reconnaissance and vulnerability discovery using proven red teaming methodologies and industry-standard tools.

SQLMap Database Pentesting

Automates the detection and exploitation of SQL injection vulnerabilities to identify and secure database-driven web applications.

Security Review Pro

Audits code for vulnerabilities and implements industry-standard protection patterns for authentication, data handling, and API security.

SQLMap Database Pentesting

Automates SQL injection vulnerability detection and database exploitation using the industry-standard SQLMap penetration testing framework.

Security Review Pro

Conducts comprehensive security audits and implements defensive coding patterns to protect applications from common vulnerabilities.

TDD Workflow Specialist

Implements the Red-Green-Refactor cycle to ensure production-grade code reliability and architectural integrity.

Test-Driven Development (TDD) Workflow

Implements a disciplined Red-Green-Refactor cycle to ensure code quality through test-first development principles.

Top 100 Web Vulnerabilities Reference

Provides a comprehensive guide to identifying, understanding, and mitigating the top 100 web application security vulnerabilities.

Backend Enum Use

Implements type-safe, feature-rich PHP enums following Laravel conventions to eliminate magic strings and improve code quality.

Red Team Methodology & Tools

Automates security reconnaissance, vulnerability discovery, and bug bounty hunting using industry-standard red team workflows and toolsets.

Web Security & Vulnerability Reference

Provides a comprehensive, structured reference for identifying, assessing, and mitigating the top 100 web application vulnerabilities.

Clerk Authentication

Implements secure, production-grade user authentication and route protection using Clerk for Next.js applications.

Clerk Authentication

Implements secure Clerk authentication patterns, middleware, and user management for Next.js applications.

Automated Testing & Verification

Automates the discovery, execution, and verification of software tests across unit, integration, web, and desktop environments.

Testing Test Writing

Guides the strategic creation of tests by focusing on core user flows and behavioral outcomes while maintaining development velocity.

Authentication & Identity Management

Implements secure authentication and authorization systems including JWT, OAuth2, OIDC, and role-based access control.

Baselayer Analysis & Investigation

Employs an evidence-based methodology to investigate codebases, diagnose root causes, and map system architectures with calibrated confidence levels.

Clerk Local Dev Loop

Streamlines the integration and local testing of Clerk authentication in your development environment.

Tmux Plugin Testing

Streamlines the testing of Claude Code plugins and hooks by running isolated, automated sessions within tmux.

OpenSpec Change Verifier

Verifies that code implementations align perfectly with specified change artifacts, tasks, and design requirements using the OpenSpec CLI.

Clerk Session & Middleware Workflow

Secures Next.js applications by implementing Clerk-based session management, advanced middleware route protection, and JWT token refresh logic.

AI Research & Security

Conducts objective AI system analysis and technical research while providing robust protection against prompt injection in target files.