Security & Testing Claudeスキル

Security Header Generator

Configures robust security HTTP headers and Content Security Policies to protect web applications from common vulnerabilities.

Deno Secure Sandboxes

Executes untrusted code in secure, isolated Linux microVMs for AI agents and multi-tenant applications.

Dependency Vulnerability Scanner

Identifies, reports, and remediates security vulnerabilities in project dependencies across multiple programming languages.

Testing Framework Helper

Generates comprehensive, production-ready test suites for JavaScript, TypeScript, and Python using frameworks like Jest, Pytest, and Playwright.

Test-Driven Development Workflow

Guides the Red-Green-Refactor cycle to ensure high-quality, verified code through test-first development.

Smart Contract Generator

Generates secure, production-ready Solidity smart contracts using OpenZeppelin standards and industry best practices.

Accessibility Auditor

Audits web and mobile applications for WCAG 2.2 AA compliance using automated tools, manual findings, and deep code analysis.

Ark Vulnerability Fixer

Streamlines CVE research and security patch workflows for Ark using CIRCL API integration and automated dependency analysis.

Semgrep Static Analysis

Performs high-speed static analysis and security scanning to identify vulnerabilities and enforce custom code patterns.

Signal Isolated Auth

Enforces maximal security isolation for Signal authentication using nested VM and container boundaries with colored operad constraints.

Polar Integration Validator

Validates and secures Polar.sh billing integrations by checking webhooks, signatures, and environment configurations.

Semgrep Rule Creator

Generates custom Semgrep rules to detect security vulnerabilities and logic bugs within source code.

Testcontainers for Go

Simplifies Go integration testing by providing lightweight, throwaway Docker instances for databases, message queues, and cloud services.

SARIF Security Parsing

Parses and analyzes Static Analysis Results Interchange Format (SARIF) files to streamline security vulnerability management and tool integration.

Sandbox Security

Executes untrusted code and system commands in secure, isolated microVMs to protect the host environment.

Tizen Sandbox Escape Detector

Tests Tizen application sandboxes for privilege escalation and escape vulnerabilities to ensure robust process isolation.

Security Implementation Guide

Implements production-ready security patterns to protect web applications against common vulnerabilities like XSS, CSRF, and SQL injection.

Verification Before Completion

Enforces a strict evidence-first workflow by requiring fresh command output and verification before any task is marked as complete.

SPI Parallel Verification

Verifies Strong Parallelism Invariance and GF(3) conservation to ensure deterministic execution across parallel 3-way color streams.

SPI Parallelism Verification

Verifies Strong Parallelism Invariance (SPI) and GF(3) conservation across deterministic data streams to ensure execution-order independence.

Project Production Auditor

Performs automated production-readiness audits to identify security risks, code quality issues, and infrastructure gaps in AI-generated projects.

SPI Parallel & GF(3) Verifier

Ensures mathematical consistency and execution order invariance for deterministic color streams and tripartite data.

Terraform Test Expert

Validates infrastructure-as-code configurations using the native Terraform testing framework and .tftest.hcl patterns.

QA Regression Testing with Playwright

Automates browser-based regression testing using a modular Playwright framework and reusable test skills.

ProofGeneral Narya: Higher-Dimensional Type Theory

Automates higher-dimensional formal verification and version control using observational type theory and hierarchical agent structures.

Comprehensive Security Analysis

Performs deep-dive security audits and vulnerability assessments across diverse technology stacks to identify and remediate risks.

Secret Detection Rule Optimizer

Standardizes the modification and performance benchmarking of secret detection rules to ensure high-speed, accurate scanning.

TDD Workflow for Claude Code

Enforces a strict Red-Green-Refactor cycle for software development tasks using automated gate hooks and evidence tracking.

Python Code Reviewer

Audits Python source code for PEP8 compliance, modern type hints, and architectural anti-patterns using industry-standard tooling.

GitHub Copilot for Claude

Integrates GitHub Copilot's advanced coding capabilities into Claude for high-performance code analysis, debugging, and refactoring.