Security & Testing Claude 스킬

PHPStan Error Resolver

Automatically detects and resolves PHPStan static analysis errors by iteratively fixing type issues and code inconsistencies.

Foundry Test Factory Generator

Generates Zenstruck Foundry factories for PHP entities to streamline automated testing workflows.

Testing Strategy & Quality Standards

Establishes comprehensive testing frameworks, coverage requirements, and automated quality assurance patterns across multiple programming environments.

Security Checklist & Audit Guide

Audits application code and provides implementation patterns to mitigate OWASP Top 10 vulnerabilities and data breaches.

Debugging Methodology

Implements systematic, scientific processes to identify, reproduce, and resolve complex software defects and performance bottlenecks.

Security Custom Rules

Empowers developers to design, validate, and implement tailored security linting rules using Semgrep and Bandit syntax.

Patch Engineer

Evaluates and improves security patches with senior-level expertise in vulnerability remediation, secure coding patterns, and regression prevention.

System Architect

Evaluates architectural quality, catalogs technical debt, and generates risk-based improvement roadmaps for legacy and complex codebases.

Vitest Testing Standards

Implements high-quality Vitest testing patterns and standards for robust JavaScript and TypeScript applications.

Bats Testing Patterns

Implements comprehensive unit testing and TDD patterns for shell scripts using the Bash Automated Testing System (Bats).

Chaos Engineering Fundamentals

Implements proactive resilience testing through controlled fault injection experiments to discover system weaknesses before they cause outages.

Cloudflare Turnstile Integration

Protects web applications and forms from bot traffic using Cloudflare's privacy-focused CAPTCHA alternative.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and fixtures to ensure code reliability and high coverage.

Debugging Strategies

Employs systematic methodologies and advanced profiling tools to identify, isolate, and resolve complex software bugs across multiple tech stacks.

Ansible Testing & Linting

Automates Ansible playbook validation through comprehensive linting, syntax checking, and idempotency testing strategies.

GitLab Stack Secrets Manager

Manages secure Docker secrets for GitLab stack projects by enforcing proper storage, permissions, and migration from environment variables.

Intelligent Test Generation Framework

Automates the discovery, prioritization, and generation of robust integration and unit tests across multiple technology stacks.

Scientific Python Testing

Implements robust testing for scientific Python packages using pytest best practices and community-standard guidelines.

Testing Strategy Framework

Implements comprehensive software testing architectures using TDD methodology, the test pyramid, and automated validation patterns.

Test Pyramid Design

Architects optimized test distribution strategies and identifies testing anti-patterns to ensure fast, reliable development pipelines.

Security Analyst

Performs expert-level security audits, vulnerability assessments, and compliance mapping using industry standards like OWASP and CVSS v3.1.

Security Reviewer

Performs comprehensive security audits, threat modeling, and SLSA compliance checks to ensure production-grade software security.

CodeQL Security Analysis

Interprets CodeQL SARIF outputs to identify, validate, and remediate complex security vulnerabilities through deep semantic dataflow analysis.

Zero Trust Architecture

Implements zero-trust security principles including ZTNA, micro-segmentation, and identity-first access for cloud-native applications.

SaaS Compliance Frameworks

Implements security controls and regulatory patterns for SOC 2, GDPR, HIPAA, and other SaaS compliance frameworks.

Authorization Models & Access Control

Provides comprehensive architectural guidance and implementation patterns for RBAC, ABAC, ACL, and ReBAC permission systems.

Security Test Planning

Develops comprehensive security testing strategies including OWASP alignment, penetration test scoping, and automated SAST/DAST integration.

Apache License 2.0 Compliance Guide

Ensures derivative software projects adhere to Apache License 2.0 requirements for attribution, documentation, and redistribution.

TDD Workflow Assistant

Enforces a rigorous Test-Driven Development (TDD) methodology through the Red-Green-Refactor-Commit cycle for high-quality software delivery.

GDPR Compliance Planner

Provides comprehensive guidance and implementation patterns for building GDPR-compliant data systems and privacy controls.