Security & Testing Claude 스킬

Security Expertise

Conducts comprehensive security audits and vulnerability scans using OWASP patterns, CWE analysis, and STRIDE threat modeling.

Testing Strategies

Design and implement comprehensive test suites including unit, integration, and E2E tests across multiple programming languages.

Test-Driven Development (TDD) Workflow

Implements a robust Red-Green-Refactor cycle for building high-quality Rust and TypeScript applications.

Systematic Debugger

Implements a structured, scientific approach to identify, isolate, and resolve software bugs efficiently.

Vulnerability Patterns: Core

Detects universal security vulnerabilities and hardcoded secrets across all programming languages using standardized regex patterns.

PR Quality Analyzer

Automates the assessment of pull requests to ensure code quality, security compliance, and architectural integrity before merging.

Security Scanner

Scans source code for security vulnerabilities and provides actionable remediation patterns based on industry standards.

Systematic Debugging

Implements a rigorous, 5-step methodology to reproduce, isolate, and resolve software bugs without guesswork.

TDD Workflow Guide

Guides developers through the test-driven development cycle to ensure robust code through red-green-refactor iterations.

Defense in Depth Validation

Implements a multi-layered testing and validation framework to catch bugs across syntax, logic, integration, and user workflows.

Root Cause Tracing

Eliminates technical debt by identifying and fixing the origin of software bugs rather than patching superficial symptoms.

Verified Task Completion

Enforces strict validation of all coding tasks through live command output before allowing any claims of success.

Claude Plugin Validator

Validates Claude Code plugin structures, configurations, and security practices to ensure seamless integration and deployment.

Verification Before Completion

Ensures code quality by requiring fresh command-line evidence before claiming any task is finished.

Web3 & Smart Contract Security

Audits and identifies vulnerabilities in smart contracts and Web3 applications using expert penetration testing techniques.

Cloud Security Exploitation

Identifies and exploits security misconfigurations across AWS, Azure, and GCP environments to harden cloud infrastructure.

Python Code Review Expert

Performs deep, context-aware Python code reviews on changed files to identify security vulnerabilities, performance bottlenecks, and architectural issues.

LimaCharlie Telemetry Onboarding

Orchestrates step-by-step connections for cloud logs, SaaS applications, and third-party telemetry into the LimaCharlie SecOps platform.

LimaCharlie Sensor Manager

Manages, deploys, and troubleshoots LimaCharlie endpoint sensors across Windows, macOS, and Linux platforms for real-time EDR telemetry.

LimaCharlie Adapter Configurator

Configures and troubleshoots LimaCharlie adapters to seamlessly ingest telemetry from cloud services, identity providers, and various log sources.

LCQL Query Builder

Generates, optimizes, and explains LimaCharlie Query Language (LCQL) queries for advanced security telemetry analysis and threat hunting.

JavaScript Testing Patterns

Implements robust unit, integration, and end-to-end testing strategies for JavaScript and TypeScript applications.

Testing Best Practices

Implements standardized testing patterns, architectural pyramids, and TDD best practices for robust software development.

Security Best Practices

Implements core security principles and defensive programming patterns to safeguard applications against common vulnerabilities.

Tech Lead Code Reviewer

Enforces technical standards and manages engineering workflows by validating code implementations against architectural specifications.

Plugin Tester for Violet

Validates and audits Violet AI plugins to ensure structural integrity, schema compliance, and content quality before deployment.

Temporal Python Testing

Streamlines the testing of Temporal workflows and activities in Python using time-skipping, mocking, and determinism validation.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, advanced mocking, and test-driven development (TDD) patterns.

Python Testing Patterns

Implements comprehensive testing strategies for Python using pytest, advanced mocking, and test-driven development best practices.

Unit Test Generator

Generates comprehensive unit tests for React components, utility functions, and API routes with a 100% coverage target.