Security & Testing Claude 스킬

Cross-Distro E2E Container Testing

Automates end-to-end installer testing within isolated Docker containers across multiple Linux distributions like Ubuntu, Debian, and Fedora.

WCAG Accessibility Audit Patterns

Conducts comprehensive WCAG 2.2 accessibility audits with automated testing integration and step-by-step remediation guidance.

UI Visual Regression Reviewer

Analyzes and validates visual diffs from Storybook, Playwright, and Argos to distinguish intentional UI changes from accidental regressions.

SpecSafe Completion

Finalizes and archives SpecSafe specifications by transitioning them from QA to a production-ready completed status.

Debugging Strategies

Master systematic debugging techniques, profiling tools, and root cause analysis to efficiently track down bugs across any codebase.

Codex Home Audit

Audits Codex home directories to detect configuration drift, security risks, and cleanup opportunities.

Quality Gates

Implements multi-level quality verification procedures to ensure code security, performance, and production readiness.

AI Prompt Safety & Engineering Review

Performs comprehensive safety audits and performance optimizations for AI prompts to ensure secure, unbiased, and effective model interactions.

React Test Coverage Optimizer

Identifies test gaps and generates comprehensive unit, integration, and E2E tests to ensure high-quality React applications.

Mutual TLS Configuration

Configures mutual TLS (mTLS) and zero-trust security for service-to-service communication within cloud-native environments.

Go Hexagonal & DDD Architect

Reviews Go codebases for Hexagonal Architecture compliance and Domain-Driven Design principles using automated tests and AI analysis.

React TDD Feature Scaffolder

Generates complete, production-ready React features using a strict Test-Driven Development workflow and feature-based architecture.

React & TypeScript Code Reviewer

Conducts comprehensive quality audits for React and TypeScript applications to ensure best practices, performance, and accessibility.

Terraform Test Expert

Validates infrastructure-as-code configurations using the native Terraform testing framework and .tftest.hcl patterns.

Run and Triage

Executes shell commands and provides automated root-cause analysis for any resulting failures.

Test-Driven Development (TDD)

Enforces a strict test-first development workflow by requiring failing tests before any production code is written.

Go Architecture Test Manager

Enforces Hexagonal Architecture and DDD constraints by automatically generating and updating Go architecture tests.

Incident Response Commander

Orchestrates IT outage recovery and security incident management using industry-standard frameworks and structured communication workflows.

Systematic Debugging

Enforces a rigorous, four-phase debugging methodology to identify root causes and implement stable fixes without guesswork.

Audit Context Builder

Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.

Code Quality Standards

Establishes robust testing frameworks, CI/CD pipelines, and automated quality gates to maintain high software reliability.

Systematic Bug Investigation

Identifies root causes and documents findings for complex software bugs to streamline the debugging workflow.

Testing Philosophy

Implements universal principles for writing robust, maintainable tests by focusing on behavior over implementation details.

LLM Evaluation & Testing

Automates LLM prompt testing and performance evaluation using Promptfoo to ensure model reliability and security.

Security Best Practices Review

Reviews code and architecture against language-specific security standards and the OWASP Top 10:2025 framework.

Screen Reader Accessibility Testing

Validates web application accessibility and screen reader compatibility through comprehensive testing guides and implementation patterns.

Enterprise Requirements Writing & Gherkin

Standardizes the software development lifecycle by generating testable User Stories and Gherkin scenarios for enterprise Rails applications.

Sharp Edges Security & API Audit

Identifies dangerous API designs, insecure defaults, and configuration footguns to ensure code is secure by default.

Sniper Code Quality Check

Validates code quality and applies precision fixes using an isolated, 6-phase automated workflow.

Testing Handbook Skill Generator

Automates the creation of security testing skills by analyzing and transforming the Trail of Bits Testing Handbook into Claude Code capabilities.