Security & Testing Claude 스킬

Test Patterns

Simplifies the creation and organization of robust tests using industry-standard patterns across multiple programming languages.

Strategic Test Writing

Implements a priority-driven testing strategy that focuses on core user flows and critical paths to maintain development velocity.

Automated Unit Testing

Generates robust unit tests and configurations for React components and TypeScript functions using Vitest and React Testing Library.

RSpec Core Fundamentals

Provides standardized BDD structures and best practices for writing clean, maintainable Ruby test suites using RSpec.

Go Channel Sync Simulator

Simulates Go-style channel communication patterns using filesystem-based scripts for testing and demonstration purposes.

Clerk Authentication & Identity Management

Integrates robust user authentication, session management, and JWT token handling using Clerk for secure web applications and blockchain integrations.

TDD Feature Development

Integrates test-driven development practices into feature implementation workflows to ensure high-quality code and comprehensive test coverage.

Agile TDD Workflow Implementation

Executes a rigorous Test-Driven Development (TDD) cycle to implement features based on task specifications and traceability requirements.

Security Requirement Extraction

Transforms threat models and business context into actionable security requirements and testable user stories.

TDD Discipline

Enforces a strict Red-Green-Refactor cycle by requiring a failing test before any production code is implemented.

Verification Guardrail

Enforces rigorous verification procedures to ensure all completion claims are backed by fresh, evidentiary test and build results.

Windsurf Security Basics

Secures Windsurf API integrations by implementing secret management, least privilege access, and audit logging best practices.

Security Audit & OWASP Compliance

Performs comprehensive security reviews and code audits using the OWASP Top 10 framework to identify and remediate vulnerabilities.

Security Incident Response

Manages the end-to-end lifecycle of security vulnerability reports and patches through coordinated disclosure and timely communication.

Architecture Review Agent

Audits cloud-native architectures and codebases to ensure high reliability, security, and operational readiness.

Cursor SSO Integration

Configures enterprise-grade authentication including SAML 2.0 and OIDC for the Cursor code editor.

Code Reviewer Pro

Reviews code changes for security, performance, and maintainability while providing actionable, prioritized feedback aligned with repository standards.

Broken Authentication Security Testing

Conducts comprehensive security audits for authentication and session management vulnerabilities in web applications to prevent unauthorized access.

Python Security and Privacy Refactoring

Audits Python research code for data leaks, PII exposure, and license compliance risks.

Validate-Integrity 150

Validates work quality and goal alignment through a rigorous final self-check protocol before delivery.

Testing Patterns & TDD Workflow

Implements robust Jest testing strategies, factory patterns, and TDD workflows for maintainable frontend codebases.

AWS Penetration Testing

Performs comprehensive security assessments and penetration testing workflows for AWS cloud infrastructure.

API Security Best Practices

Implements industry-standard security patterns to protect API endpoints against unauthorized access and common web vulnerabilities.

LabTrack Testing Strategy

Standardizes multi-layer testing workflows including Playwright E2E, Vitest components, and automated UI verification.

Systematic Debugging

Eliminates trial-and-error programming by enforcing a rigorous four-phase root cause analysis before applying code fixes.

Retell AI Integration Safeguard

Identifies and prevents common Retell AI integration mistakes and anti-patterns during code reviews and audits.

Security Scanning & Vulnerability Assessment

Performs comprehensive security audits and vulnerability assessments across networks, web applications, and cloud environments using industry-standard tools.

UI Check Framework

Builds and extends extensible UI self-check frameworks for Web UIs using Playwright to automate visual and functional quality assurance.

Red Team Tactics & Adversary Simulation

Simulates adversary behaviors and security assessments based on the industry-standard MITRE ATT&CK framework.

Linux Privilege Escalation

Automates the identification and exploitation of security vulnerabilities to elevate user permissions on Linux systems.