Security & Testing Claude 스킬

Auth0 Security Specialist

Implements and optimizes Auth0 security features including attack protection, multi-factor authentication, and advanced token security standards.

Vamsa Testing Standards

Implements high-quality unit and E2E testing patterns for the Vamsa genealogy application using Vitest and Playwright.

Promptfoo LLM Testing

Evaluates and compares LLM outputs using an automated testing framework to ensure prompt reliability and quality.

Security Design Patterns

Implements robust security layers including client-side encryption, API key management, and schema-based input validation.

Feature Status Tracker

Automates the detection and counting of failing Gherkin features to orchestrate autonomous coding loops.

Azure Auth for React & Cloudflare Workers

Implements secure Microsoft Entra ID authentication for React SPAs and Cloudflare Workers using MSAL.js and serverless JWT validation.

Web Application Testing

Automates browser-based testing and UI verification for local web applications using Playwright.

Agent Evaluation Framework

Evaluates AI agent workflows and performance using a comprehensive framework based on Anthropic's best practices.

PCI Compliance & Secure Payments

Implements PCI DSS requirements and secure payment handling patterns to protect cardholder data and ensure regulatory compliance.

Cloudflare Turnstile Integration

Implements secure, privacy-focused bot protection and spam prevention using Cloudflare Turnstile.

GDPR Compliance Expert

Implements GDPR-compliant coding patterns and privacy-by-design principles to protect user data and ensure legal adherence.

SOC 2 Compliance Specialist

Guides developers through the implementation of SOC 2 Trust Services Criteria, from access controls to audit-ready logging and evidence collection.

HIPAA Compliance Guide

Provides expert guidance and technical safeguards for developing HIPAA-compliant healthcare applications and handling Protected Health Information (PHI).

PCI DSS Compliance Guidelines

Implements secure payment processing and cardholder data handling patterns following PCI DSS v4.0 standards.

Rust Unsafe & FFI Guide

Provides expert guidance and safety patterns for writing sound unsafe code and FFI bindings in Rust.

PHP Security Essentials

Implements industry-standard PHP security patterns and hardening techniques to protect applications against OWASP Top 10 vulnerabilities.

Smart Test Fixing

Systematically identifies, groups, and resolves failing test suites using an intelligent root-cause analysis workflow.

Security Review & Audit

Enforces rigorous security standards and identifies vulnerabilities across authentication, data handling, and API implementation.

TDD Workflow Enforcer

Implements a rigorous test-driven development cycle ensuring 80% code coverage across unit, integration, and end-to-end tests.

Verification Loop

Standardizes code quality through a rigorous six-phase verification process covering builds, types, linting, tests, security, and diffs.

Test-Driven Development Mastery

Enforces a rigorous Red-Green-Refactor workflow to ensure high-quality, verified production code through strict TDD principles.

PICT Test Designer

Generates optimized pairwise test cases and combinatorial models from software requirements or code.

Claude Eval Harness

Implements a formal evaluation framework for Claude Code sessions using Eval-Driven Development (EDD) principles.

Git Branch Protection

Enforces safe Git workflows by blocking direct pushes to primary branches and preventing unapproved force pushes within Claude Code.

Playwright E2E Specialist

Builds robust, maintainable end-to-end browser tests using Playwright best practices and the Page Object Model.

Systematic Debugging Framework

Implements a rigorous four-phase debugging methodology to identify root causes and ensure stable, long-term software fixes.

Security Reviewer

Conducts comprehensive security audits and vulnerability assessments to identify and remediate code and infrastructure risks.

FFUF Web Fuzzing

Simplifies web discovery and penetration testing by providing expert command templates and analysis patterns for the FFUF tool.

TDD Master: Test-Driven Development Workflow

Guides developers through the Red-Green-Refactor discipline to build robust, behavior-driven software with optimal test coverage.

Autonomous API Testing

Automates API contract validation, performance benchmarking, and gRPC service testing using declarative HTTP tools and load testing frameworks.