Security & Testing Claude 스킬

Modern Web Best Practices

Audits and modernizes web projects to ensure high standards of security, browser compatibility, and performance.

Windows Privilege Escalation Guide

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems during security assessments.

Global Validation

Implements robust server-side validation, data sanitization, and allowlisting to ensure application security and data integrity.

Global Validation

Implements comprehensive input validation and sanitization strategies to ensure data integrity and security across all entry points.

SMTP Penetration Testing

Performs comprehensive security audits and vulnerability assessments on SMTP mail servers to identify misconfigurations and exposure risks.

Scalekit Authentication

Implements secure authentication, enterprise SSO, and MCP server OAuth 2.1 flows using Scalekit across various web frameworks and APIs.

Network 101 Lab Setup

Configures and tests essential network services like HTTP, HTTPS, SNMP, and SMB for security research and penetration testing labs.

Verified Completion Guard

Enforces a strict evidence-first protocol by requiring verified command outputs before any claims of task completion or success.

Verification Before Completion

Enforces rigorous, evidence-based confirmation through command execution before any work is marked as complete or committed.

Probitas Setup

Initializes Probitas environments and configures end-to-end testing frameworks for your project.

Verification & Quality Assurance

Ensures codebase reliability and agent output quality through automated truth scoring, multi-dimensional verification checks, and instant rollbacks.

Rails Testing Suite

Provides comprehensive guidance and code patterns for writing robust RSpec and Minitest tests in Rails 7+ applications.

Probitas Test Framework Helper

Simplifies backend E2E testing by providing instant documentation and implementation patterns for the Probitas framework.

Comprehensive Code Reviewer

Performs an exhaustive 30-point automated code review covering security, architecture, performance, and UX in parallel.

Pre-Merge Code Review

Conducts comprehensive, multi-dimensional code reviews by running parallel agents to evaluate correctness, security, testing, and maintainability.

Security Review Workflow

Performs a multi-dimensional security audit by running parallel review agents and generating actionable remediation tasks.

Red Team & Bug Bounty Methodology

Automates professional reconnaissance and vulnerability discovery workflows using industry-standard red teaming tools and methodologies.

Security Scanning

Performs automated security audits to detect hardcoded secrets, OWASP vulnerabilities, and insecure dependency versions in codebases.

Systematic Test Debugger

Diagnoses failing tests through a structured workflow of stack tracing, input verification, and comprehensive reporting.

QA Strategy & Test Planning

Generates comprehensive, risk-based test plans and QA strategies to ensure software quality and reliability.

LabTrack Testing Strategy

Standardizes multi-layer testing workflows including Playwright E2E, Vitest components, and automated UI verification.

Rainbow Teaming Red Agent

Systematically identifies and evaluates LLM vulnerabilities using a comprehensive 10x10 quality-diversity taxonomy for adversarial testing.

Systematic Debugging

Implements a root-cause-first approach to troubleshooting bugs, test failures, and unexpected software behaviors.

Vue.js Debugging Assistant

Diagnoses and resolves Vue.js 3 application issues ranging from reactivity failures to SSR hydration mismatches.

Smoke Test Critical Paths

Validates end-to-end business flows and critical user journeys to ensure production readiness during release cycles.

Playwright E2E Testing

Automates the creation of resilient, maintainable end-to-end tests using Playwright best practices and robust selector strategies.

Python Test Coverage Optimizer

Increases repository test coverage by identifying logic gaps, proposing high-impact test cases, and automating the verification workflow.

Auth Smoke Testing

Automates comprehensive authentication and authorization smoke tests to validate login flows, token security, and access control during release cycles.

Bazzite AI Runtime Verification

Verifies Bazzite AI installations through comprehensive runtime tests for GPU detection, CUDA functionality, and service health.

Agent Evaluation Framework

Evaluates AI agent performance using multi-dimensional rubrics, LLM-as-judge patterns, and complexity-stratified test sets.