Security & Testing Claude 스킬

Kubernetes Security Policies

Implements defense-in-depth security for Kubernetes clusters using NetworkPolicies, Pod Security Standards, and fine-grained RBAC.

E2E Testing Patterns

Implements reliable end-to-end testing suites using Playwright and Cypress to ensure application stability and catch regressions.

TDD Workflow

Enforces rigorous test-driven development practices with comprehensive coverage requirements across unit, integration, and E2E tests.

1Password CLI Integration

Manages secure credential access and secret injection using the 1Password CLI within Claude Code environments.

Debugging Strategies & Root Cause Analysis

Master systematic debugging techniques and profiling tools to efficiently resolve bugs and performance issues across any technology stack.

Global Validation

Implements comprehensive multi-layer input validation and sanitization to ensure data integrity and prevent security vulnerabilities across the application.

Safety Architecture Framework

Implements robust safeguards for autonomous systems including kill switches, circuit breakers, and human-in-the-loop oversight.

ShellCheck Configuration Mastery

Optimizes shell script quality through advanced ShellCheck static analysis configuration and CI/CD integration patterns.

Web Application Testing

Automates browser-based testing and debugging for local web applications using Playwright to ensure frontend reliability.

Bats Shell Testing Patterns

Master the Bash Automated Testing System (Bats) to build robust, production-grade test suites for shell scripts and utilities.

Dependency Upgrade Manager

Facilitates complex framework and library version upgrades using compatibility analysis, staged rollouts, and automated testing strategies.

Test Failure Resolver

Systematically identifies and repairs failing tests using intelligent error grouping and prioritized fixing strategies.

Security Core

Secures applications with comprehensive expertise in authentication, authorization, and OWASP Top 10 compliance for TypeScript, Python, and Rust projects.

AWS Security Reviewer

Conducts comprehensive security audits and provides best practice guidelines for AWS automation scripts and Python projects.

ShellCheck Configuration & Linting

Optimizes shell script quality by configuring ShellCheck static analysis, fixing common pitfalls, and enforcing portability standards.

Scale Game Problem Solving

Validates software architecture and exposes hidden bugs by testing logic at extreme scales of volume, speed, and time.

Security Core

Secures applications across TypeScript, Python, and Rust with expert guidance on authentication, authorization, and OWASP best practices.

Smart Contract Entry Point Analyzer

Identifies and categorizes state-changing entry points in smart contracts to map attack surfaces for security audits.

Error Handling Patterns

Implements robust error handling strategies and resilient patterns like Circuit Breakers across multiple programming languages.

Vault & Secrets Management

Streamlines HashiCorp Vault workflows and Kubernetes secret management using industry-standard security best practices.

Debugging Strategies

Implements systematic debugging techniques and profiling tools to identify and resolve complex software bugs across any technology stack.

Secrets Management for CI/CD

Secures sensitive credentials and automates secret rotation within CI/CD pipelines using industry-standard tools and cloud services.

Breaking Change Detection

Identifies and documents backward-incompatible changes across APIs, databases, and code contracts to ensure stable versioning and smooth migrations.

SAST Security Configuration

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

Debug Team Workflow

Orchestrates a structured full-repository debugging process including triage, bug logging, and verified fixes.

QA Release Gate Agent

Automates risk-based testing, CI/CD quality gate verification, and release readiness reporting to ensure production stability.

Gateway Bookkeeper

Enforces Model Context Protocol (MCP) tool usage through a centralized gateway to ensure policy-driven execution and auditable logging.

Project Workflow Auditor

Audits repositories for security vulnerabilities, CI/CD safety, and compliance with engineering standards to ensure production readiness.

Automated Web App Testing

Automates local web application testing and UI verification using Playwright scripts and integrated server management.

CUI Marketplace Architecture

Enforces architectural standards and validation patterns for self-contained, compliant Claude Code marketplace components.