Security & Testing Claude 스킬

Automation Workflow Validator

Validates and audits automation workflow JSON files for Power Automate, n8n, Make, and Zapier to ensure deployment readiness.

API Fuzzer

Performs automated fuzz testing on REST APIs to identify security vulnerabilities, input validation flaws, and edge-case failures.

Access Control Auditor

Identifies security vulnerabilities and misconfigurations in IAM policies, ACLs, and permission systems to ensure robust access management.

SOC 2 Audit Helper

Streamlines SOC 2 audit preparation by automating evidence gathering, Trust Service Criteria assessments, and compliance gap analysis.

Systematic Debugging

Establishes a rigorous, four-phase methodology to identify root causes and implement reliable fixes for software defects.

Test-Driven Development

Enforces a strict Red-Green-Refactor workflow to ensure all code is verified by failing tests before implementation.

Form Debugger & Auditor

Audits web forms for accessibility, validation, security, and autocomplete compatibility using Playwright automation.

Web Application Testing

Tests and debugs local web applications using automated Playwright scripts and integrated server lifecycle management.

Load Test Runner

Generates and executes comprehensive load testing scripts to validate application performance and identify architectural bottlenecks.

Dependency Checker

Scans project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple programming languages.

Unit Test Generator

Generates comprehensive unit tests across multiple languages and frameworks to ensure code reliability and coverage.

Compliance Report Generator

Automates the creation of security compliance reports and audit documentation for standards like PCI DSS, HIPAA, and SOC 2.

Test Report Generator

Generates professional test reports with coverage metrics and trend analysis to streamline quality assurance and stakeholder communication.

Sandbox Manager

Configures and manages security sandboxing for Claude Code to ensure isolated and restricted execution of untrusted or sensitive code.

React Testing Patterns

Applies best practices for React and TypeScript testing by prioritizing user behavior, accessible queries, and realistic API mocking.

API Fuzzer

Automates API fuzzing to identify security vulnerabilities, edge cases, and potential system crashes through specialized testing patterns.

Pre-Commit Design Review

Validates TypeScript and React code against design principles, accessibility standards, and architectural best practices beyond what standard linters can enforce.

Linter-Driven Development

Orchestrates a comprehensive development workflow for TypeScript and React by integrating design, automated testing, linting loops, and pre-commit reviews.

Refactoring

Enhances code maintainability and reduces complexity through autonomous linter-driven patterns like storifying and dependency rejection.

Network Mock Server

Creates a flexible API mocking layer to intercept, record, and modify network requests for deterministic frontend testing.

NestJS Authentication

Implements secure and idiomatic authentication and authorization systems in NestJS applications using JWT, guards, and role-based access control.

Pre-Commit Design Review

Performs expert-level design analysis to detect architectural debt, primitive obsession, and abstraction issues that automated linters cannot identify.

Rails Error Prevention

Prevents common Ruby on Rails runtime errors and architectural pitfalls through proactive checklists and verification strategies.

Linter-Driven Development

Orchestrates an autonomous Go development workflow by integrating design, testing, linting, and refactoring into a continuous quality-controlled pipeline.

Compliance Management Analyst

Facilitates end-to-end security compliance for GDPR, SOC 2, and ISO 27001 through automated checklists and audit preparation guidance.

CCG Code Guardian

Enhances development workflows with persistent memory, automated security guarding, and multi-agent coordination for complex repositories.

Backend Bugfix & Testing

Resolves backend test failures and debugs Python, FastAPI, and SQLAlchemy errors using a structured TDD workflow.

Secrets Manager Integrator

Automates the setup and configuration of secrets management tools like HashiCorp Vault and AWS Secrets Manager for secure infrastructure.

Memory Deallocation & Free Safety Auditor

Detects and analyzes improper memory deallocation patterns including mismatched allocators, double frees, and invalid pointer usage in C/C++ code.

Smoke Test Runner

Executes automated smoke tests to verify critical application health and core functionality instantly.