Security & Testing Claude 스킬

Spring Boot Security

Implements industry-standard security patterns and vulnerability mitigations for Java Spring Boot applications.

Spring Boot Verification Loop

Automates a comprehensive quality gate for Spring Boot projects including builds, testing, security scanning, and code review.

Code Review

Performs comprehensive audits of modified code to identify security vulnerabilities, performance bottlenecks, and violations of project-specific coding standards.

Go Testing & TDD Patterns (zh-TW)

Implements idiomatic Go testing patterns including table-driven tests, benchmarks, and fuzzing to ensure robust code quality.

API Test Design

Designs comprehensive API testing strategies including contract, integration, and performance testing to ensure service reliability.

Eval Harness for EDD

Implements an evaluation-driven development framework to measure and improve AI coding reliability through structured testing and metrics.

Skill Reviewer

Maintains high quality standards for Claude Code skills through systematic auditing and a comprehensive 10-point quality checklist.

Assertion Helper

Generates specific, context-rich test assertions and actionable error messages across multiple programming languages and frameworks.

PCI Compliance & Secure Payments

Implements PCI DSS standards and secure payment handling patterns to protect sensitive cardholder data.

Solidity Security & Audit

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns.

Web3 Smart Contract Testing

Provides comprehensive testing strategies for Ethereum smart contracts using Hardhat and Foundry to ensure security, reliability, and gas efficiency.

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Secrets Management & CI/CD Security

Implements secure secrets handling for CI/CD pipelines using industry-standard tools like Vault, AWS Secrets Manager, and platform-native solutions.

SpecSafe Completion

Finalizes and archives SpecSafe specifications by transitioning them from QA to a production-ready completed status.

Kubernetes Security Policy Expert

Implements production-grade Kubernetes security configurations including NetworkPolicies, RBAC, and Pod Security Standards.

Temporal Python Testing

Streamlines Temporal workflow testing in Python through automated time-skipping, activity mocking, and determinism validation.

Testing Handbook Generator

Generates comprehensive security testing handbooks and strategy guides to streamline audit workflows.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Requirement Quality Validator (speckit-checklist-zh)

Generates professional, domain-specific checklists to validate the quality, clarity, and completeness of software requirements.

CVE Dependency Audit

Scans project dependencies across multiple programming languages to identify and report known security vulnerabilities and CVEs.

CVE Vulnerability Lookup

Retrieves detailed information about Common Vulnerabilities and Exposures (CVEs) and affected software versions directly within your development environment.

AI Validation Architect

Defines actionable AI validation criteria and testing standards to ensure code quality before task completion.

Go Test Scaffold Generator

Automates the creation of table-driven Go test suites following oastools conventions and testify patterns.

Incident Response Commander

Orchestrates IT outage recovery and security incident management using industry-standard frameworks and structured communication workflows.

Validator Role

Implements rigorous software quality assurance, comprehensive test suites, and security-focused code reviews to ensure production-grade standards.

Systematic Bug Investigation

Identifies root causes and documents findings for complex software bugs to streamline the debugging workflow.

Rails Code Quality Gates

Implements a multi-layered validation system for Ruby on Rails using Solargraph, Sorbet, and Rubocop to ensure enterprise-grade code standards.

Blockchain Integration Builder

Designs and implements chain-agnostic blockchain architectures, smart contract patterns, and decentralized application workflows.

Workflow Validator

Ensures AI-generated JSON artifacts meet specific structural and content criteria through deterministic validation scripts.

RSpec Testing Patterns

Implements enterprise-grade RSpec testing patterns for robust Ruby on Rails application development.