Security & Testing Claudeスキル

Systematic Debugging

Employs a disciplined methodology to identify and resolve the root causes of software bugs rather than masking symptoms.

MT5 Log Reader

Analyzes MetaTrader 5 log files to validate indicator execution, debug runtime errors, and verify unit test results.

Testing Builder

Generates comprehensive unit, integration, and E2E test suites automatically while learning from your project's specific testing style.

Security Review Methodology

Analyzes implementation changes for security vulnerabilities and risks using a structured framework based on industry best practices.

Security Hint

Identifies potential security vulnerabilities and secret exposures in real-time to promote safer development practices.

Code Review Gate

Enforces mandatory human oversight for security-sensitive, complex, or high-volume code changes within the development lifecycle.

Project Auditor

Conducts comprehensive production-readiness audits to identify security vulnerabilities, code quality issues, and infrastructure gaps in AI-generated or legacy projects.

Automated Code Reviewer

Performs comprehensive pull request audits focusing on security, performance, code quality, and testing standards.

Specification Tracing & Coverage

Enforces rigorous software development by linking normative specifications to implementation and test suites using unique paragraph IDs.

Defense-in-Depth Validation

Implements a multi-layered validation strategy to eliminate data-driven bugs by enforcing checks at every system boundary.

CVE Dependency Audit

Scans project dependencies across multiple programming languages to identify and report known security vulnerabilities and CVEs.

Security Audit

Performs systematic security reviews of application code, dependencies, and configurations to identify vulnerabilities and suggest remediation strategies.

Structured Code Reviewer

Performs code reviews using a rigorous methodology based on confidence scoring and severity ratings.

Test-Driven Development (TDD)

Enforces a disciplined RED-GREEN-REFACTOR cycle to ensure high-quality, test-backed code implementation.

React Native Testing Master

Implements comprehensive testing strategies for React Native apps including unit, component, and E2E tests.

CVE Vulnerability Lookup

Retrieves detailed information about Common Vulnerabilities and Exposures (CVEs) and affected software versions directly within your development environment.

Web3 Thirdweb SIWE Auth

Implements and debugs secure wallet connections and SIWE authentication flows using thirdweb v5.

Core Banking & Wealth Management

Integrates hardware wallets, post-quantum cryptography, and AI-driven risk management for secure wealth protection and trade execution.

Reverse Engineering

Performs deep binary analysis, decompilation, and vulnerability research using Ghidra, IDA Pro, and radare2 integration.

Substitute Eraser

Scans codebases for placeholders, TODOs, and stubs to generate structured remediation plans for technical debt.

Web Application Testing

Automates local web application testing and UI verification using Playwright and server management utilities.

Bisimulation Game

Verifies and synchronizes functional equivalence across AI agent states using formal game theory and coinductive types.

Requirement Quality Validator (speckit-checklist-zh)

Generates professional, domain-specific checklists to validate the quality, clarity, and completeness of software requirements.

Implementation Verifier

Validates implemented code against PRD requirements to ensure architectural integrity and zero-omission compliance.

Rails Software Engineer

Implements Ruby on Rails features and bug fixes using a disciplined Test-Driven Development (TDD) workflow.

Token Security Analyzer

Identifies blockchain token security risks, honeypots, and potential rug pulls by analyzing on-chain transaction patterns and liquidity.

Tree-Sitter Code Analyzer

Analyzes code structures and module dependencies to automate integration verification and cross-prover theorem mapping.

Layered Architecture Testing

Orchestrates comprehensive testing across architectural layers with coverage-first analysis and isolated worktrees.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is verified by failing tests before implementation.

Security Engineer

Implements robust security best practices and protection patterns across the entire application stack.