Security & Testing Claude 스킬

Agent Evaluation Framework

Evaluates and benchmarks LLM agents using behavioral testing, reliability metrics, and adversarial assessments to ensure production-grade performance.

Test-Driven Development (TDD) Workflow

Enforces a strict Red-Green-Refactor cycle to ensure all production code is verified by failing tests before implementation.

Verification Before Completion

Enforces a rigorous evidence-based workflow that requires real-time command output before any task is marked as complete.

Web App Testing Toolkit

Facilitates end-to-end testing and UI debugging of local web applications using Playwright scripts and automated server management.

Blueprint Develop

Implements trading strategies using test-driven development and rigorous postmortem compliance to prevent architectural regressions.

JavaScript Testing Patterns

Implements robust testing architectures and best practices using Jest, Vitest, and Testing Library for JavaScript and TypeScript projects.

Dify Frontend Testing

Generates comprehensive Vitest and React Testing Library tests for frontend components, hooks, and utilities following project-specific conventions.

Frontend Code Reviewer

Conducts automated reviews of TypeScript and JavaScript code to identify performance bottlenecks, quality issues, and logic errors.

Python Testing Patterns

Implements robust Python testing strategies using pytest, fixtures, mocking, and test-driven development best practices.

Systematic Debug Workflow

Enforces a rigorous, multi-phase debugging process that requires proof of root cause before allowing any code modifications.

Testing Pest

Generates comprehensive Pest test suites for Laravel projects, ensuring high coverage across controllers, services, and Livewire components with standardized organizational patterns.

Blueprint Strategy Review

Conducts multi-dimensional security, quality, and postmortem compliance audits for trading strategies before deployment.

Vault Operations

Automates HashiCorp Vault administration, secret management, and secure identity-based access control.

Cloud Penetration Testing

Conducts comprehensive security assessments and penetration tests across AWS, Azure, and Google Cloud Platform environments.

Security Expertise

Conducts comprehensive security audits and vulnerability scans using OWASP patterns, CWE analysis, and STRIDE threat modeling.

Test-Driven Development (TDD) Workflow

Implements a robust Red-Green-Refactor cycle for building high-quality Rust and TypeScript applications.

Active Directory Security Testing

Provides comprehensive methodologies and command references for auditing Microsoft Active Directory environments during authorized penetration tests.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure every line of production code is verified by a failing test first.

SSH Penetration Testing

Conducts comprehensive SSH security assessments including enumeration, credential attacks, and configuration auditing.

Scale Game

Stress-tests architectural assumptions by simulating extreme scaling scenarios to identify fundamental system limits and bottlenecks.

SMTP Security & Penetration Testing

Performs comprehensive security assessments of SMTP servers to identify vulnerabilities like open relays, user enumeration, and weak authentication.

RSpec Test Framework

Automates the generation and execution of RSpec tests for Ruby applications with support for complex mocking and hooks.

xUnit Test Framework for .NET

Generates and executes xUnit tests for C# projects with integrated support for FluentAssertions and Moq.

Pentest Checklist & Security Planner

Guides users through a comprehensive, multi-phase methodology for planning, executing, and remediating professional penetration tests.

Fact-Checking & Self-Assessment

Validates factual claims, assesses implementation quality, and ensures AI outputs meet production-grade standards through automated self-verification.

Windows Privilege Escalation Assistant

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems during security audits.

CSP & SRI Security Debugger

Debugs and resolves Content Security Policy (CSP) and Subresource Integrity (SRI) violations in Astro-based web applications.

Unit Test Generator

Generates robust pytest suites for Python applications with specialized support for fixtures, parametrization, and PyTorch-based operations.

Frontend Debug

Debugs frontend UI/UX issues, console errors, and network failures through empirical browser observation and systematic investigation using Chrome DevTools.

File Path Traversal Security Testing

Performs comprehensive security audits to identify, exploit, and mitigate file path traversal and Local File Inclusion (LFI) vulnerabilities.