Security & Testing Claude 스킬

Engineering Vibe Audit

Conducts a rigorous 20-metric technical audit to evaluate code quality, production readiness, and AI-generated slop.

Testing Test Writing

Implements Jest-based unit and integration testing patterns for backend services following a behavior-driven approach.

End-to-End Testing Framework

Generates automated end-to-end test scripts using Playwright, Cypress, or Selenium to validate complex user workflows.

Smoke Test Runner

Executes rapid automated smoke tests to verify critical application functionality and system health after deployments or configuration changes.

Skill TDD and Validation

Validates and refines process documentation using a Test-Driven Development cycle to ensure reliability under high-pressure scenarios.

Testing Skills With Subagents

Applies Test-Driven Development principles to process documentation to ensure agents follow complex rules under pressure without rationalizing failures.

Full Stack Debugger

Identifies and resolves complex software issues across UI, backend, and database layers using a systematic, iterative debugging workflow.

SQL Injection Detector

Identifies and remediates SQL injection vulnerabilities within codebases to ensure application security and robustness.

Security & Authentication Specialist

Implements production-ready authentication systems, role-based access controls, and comprehensive security architectures with regulatory compliance.

Database Security Scanner

Performs comprehensive security audits and vulnerability assessments for PostgreSQL and MySQL databases using OWASP guidelines.

Security Misconfiguration Finder

Audits infrastructure-as-code and application configurations to proactively identify and remediate security vulnerabilities.

Performance Test Suite

Automates the design, execution, and analysis of load, stress, and endurance tests to identify system bottlenecks and optimize application performance.

Mutation Test Runner

Validates test suite quality by introducing code mutations and measuring the detection effectiveness of existing test cases.

Test Doubles Generator

Automates the creation of mocks, stubs, spies, and fakes to isolate dependencies and accelerate unit testing workflows.

CSRF Protection Validator

Audits web application endpoints and cookie configurations to detect and remediate Cross-Site Request Forgery (CSRF) vulnerabilities.

Access Control Auditor

Audits access control configurations to identify security vulnerabilities, misconfigurations, and privilege escalation risks in IAM policies and network ACLs.

Input Validation Scanner

Scans source code to detect and mitigate input validation vulnerabilities like SQL injection and XSS.

Security Headers Analyzer

Analyzes website HTTP security headers to identify vulnerabilities and provide actionable improvement recommendations.

Testing Guidelines

Enforces rigorous testing standards including strict assertions, minimal mocking, and clear naming conventions for high-quality test suites.

Intelligent Bug Diagnosis & Fix

Diagnoses and resolves runtime errors by aligning source code with project contracts and architectural context.

Precommit Build Validator

Validates code changes by running precommit checks, automated builds, and battery-aware test suites.

Session Security Checker

Audits and secures session management implementations within your codebase to prevent vulnerabilities like session fixation and hijacking.

Test Environment Manager

Orchestrates and manages isolated, reproducible test environments using Docker Compose and Testcontainers.

Bats Shell Testing Patterns

Provides comprehensive patterns and best practices for writing automated unit tests for shell scripts using the Bats framework.

Web Application Testing

Tests local web applications using Playwright scripts with automated server lifecycle management and DOM inspection capabilities.

Test Environment Manager

Orchestrates isolated, reproducible test environments using Docker Compose and Testcontainers to streamline software testing workflows.

AI Code Reviewer

Performs systematic code audits to identify security vulnerabilities, logic bugs, and maintainability issues with actionable feedback.

Story-Driven Acceptance Testing

Guides Product Owners through manual verification steps to validate features before they are merged into production.

Integration Test Runner

Automates the setup, execution, and cleanup of integration test suites including database orchestration and service management.

LangGraph SITNOVA Security Automation

Implements stateful AI operator flows for automated security gate systems using the LangGraph framework and real-time OCR integrations.