Security & Testing Claude 스킬

Penetration Testing Adapter

Automates web application security audits and vulnerability scans to identify OWASP Top 10 threats.

Security Audit

Conducts comprehensive security vulnerability assessments using over 120 specialized checks including OWASP compliance and database security.

Rigorous Validation

Enforces reproducible testing and evidence-driven verification to ensure code quality before merging.

Scalekit Session Management

Implements secure, encrypted session management using Scalekit tokens with automated refresh logic and industry-standard cookie attributes.

Systematic Debugging (Czech Support)

Implements a systematic, TDD-driven debugging workflow that identifies root causes and verifies fixes through hypothesis testing and localized Czech triggers.

Verification Loop

Automates a comprehensive six-phase quality assurance workflow to ensure code is production-ready before submission.

Scalekit Full-Stack Logout Implementation

Automates the creation of secure OIDC logout flows for Scalekit integrations across major backend frameworks.

Professional TDD Workflow

Enforces rigorous test-driven development practices with comprehensive unit, integration, and E2E coverage requirements.

Codebase Stability Audit

Performs comprehensive health checks on your project to ensure stability, security, and best practices across 98+ distinct parameters.

Engineering Verification

Enforces an evidence-based verification protocol to ensure all code changes are validated with fresh command output before completion.

Security & Safety Mindset

Implements proactive threat modeling, least-privilege design, and robust safety guardrails into every code change.

Test-Driven Development (TDD)

Enforces a disciplined Red-Green-Refactor cycle by requiring failing tests before any production code is written.

MCP Protocol Compliance Testing

Validates Model Context Protocol (MCP) implementations for JSON-RPC 2.0 compliance, schema integrity, and async execution reliability.

Access Control Patterns

Implements secure authorization logic by auditing and applying RBAC, ABAC, and IDOR prevention patterns.

Python Code Review & Linting

Automates Python code analysis to enforce security standards, fix anti-patterns, and maintain strict linting using Ruff and Mypy.

Authentication & Session Security

Secures applications by implementing JWT validation, OAuth2 flows, and robust session management patterns.

Security Testing

Hardens software applications by providing comprehensive security auditing, vulnerability scanning, and penetration testing guidance.

Pytest Modern Test Patterns

Implements high-quality Python testing suites using modern pytest structures, the AAA pattern, and advanced fixture management.

Advanced JS Mocking Patterns

Master complex testing scenarios in Jest and Vitest using advanced module mocking, spies, and temporal control techniques.

Test Execution Manager

Orchestrates automated test suites using subagents with intelligent incremental timeout escalation and comprehensive coverage verification.

TypeScript Component Testing

Implements industry-standard Jest, Vitest, and React Testing Library patterns to ensure robust, accessible frontend components.

Firebase Authentication Patterns

Implements secure Firebase Authentication flows including OAuth, session management, and server-side protected routes.

Eval Harness for Claude Code

Implements a formal Eval-Driven Development (EDD) framework to ensure AI-generated code meets quality standards and avoids regressions.

TDD Workflow & Test Automation

Enforces rigorous test-driven development practices and high code coverage standards to ensure reliable software delivery.

Verification Loop

Automates a multi-phase quality assurance workflow to validate builds, types, tests, and security before code submission.

Testing Anti-Pattern Guardrails

Enforces high-quality testing practices by identifying and preventing common anti-patterns like testing mocks or polluting production code.

LiteJS Testing Framework

Simplifies writing, running, and debugging tests using the zero-dependency LiteJS testing framework for Node.js and browsers.

Security Review & Audit

Implements rigorous security checklists and industry-standard patterns to protect applications from vulnerabilities, data leaks, and unauthorized access.

Red/Blue Team Validator

Stress-tests decisions, strategies, and architectures through iterative adversarial Red/Blue team simulations to uncover and mitigate vulnerabilities.

Code Quality Verification Loop

Automates multi-phase quality checks including builds, type-checking, linting, and testing to ensure production-ready code.