Security & Testing Claude 스킬

Test-First TDD Workflow

Enforces rigorous Test-Driven Development cycles by requiring failing tests before any production code is implemented.

Professional Test Design

Designs and implements robust software testing strategies across unit, integration, and end-to-end levels for any platform.

TDD Workflow

Enforces test-driven development practices with comprehensive unit, integration, and E2E test coverage.

Verification Loop

Automates a multi-stage quality gate system to validate builds, types, linting, tests, and security before PR submission.

Eval Harness

Implements an eval-driven development framework to systematically validate features and track regressions using pass@k metrics.

Automated Test Coverage Optimizer

Analyzes codebase test coverage reports to automatically generate missing unit, integration, and end-to-end tests.

Mallory Threat Intelligence API

Integrates real-time threat intelligence data into Claude to analyze vulnerabilities, threat actors, exploits, and malware.

Vulnerability Escalation & Analysis

Analyzes privilege escalation paths and maps vulnerability chains across infrastructure to identify and mitigate security risks.

BDD Feature Discovery

Facilitates interactive Behavior-Driven Development sessions to explore system requirements, define business rules, and generate structured Gherkin feature files.

OpenSpec Change Verification

Validates that code implementations align perfectly with specified requirements, design documents, and task lists before archiving changes.

Web Application Testing

Automates and tests local web applications using Playwright with integrated server lifecycle management.

Web Application Testing Toolkit

Facilitates end-to-end testing and interaction with local web applications using automated Playwright scripts and server management.

Dead Code Finder

Identifies and removes unused code, commented blocks, unreachable paths, and redundant imports to streamline codebase maintainability.

Technical Guardian

Protects codebase integrity by enforcing security standards, performance benchmarks, and offline-first architectural compliance.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specifications, tasks, and design documents before archiving changes.

Critic Agent

Provides skeptical, second-opinion reviews of implementation plans and conclusions to identify logical flaws and untested assumptions.

Memory Safety Patterns

Implements memory-safe programming patterns like RAII and ownership across Rust, C++, and C to prevent critical resource management bugs.

Data Quality Frameworks

Implements robust data validation pipelines using Great Expectations, dbt tests, and formalized data contracts.

Council Codebase Intelligence

Conducts multi-agent codebase audits and architectural reviews to provide synthesized, CTO-level insights and readiness assessments.

Memory Forensics & Malware Analysis

Analyzes system memory dumps to detect malware, extract forensic artifacts, and investigate security incidents using Volatility 3 and professional acquisition tools.

Kubernetes Security Policies

Implement production-grade Kubernetes security using NetworkPolicies, Pod Security Standards, and granular RBAC configurations.

Burp Suite Web Security Testing

Performs comprehensive web application security audits by intercepting HTTP traffic, modifying requests, and identifying vulnerabilities using Burp Suite.

QA Verifier Agent

Provides rigorous, independent end-to-end verification to ensure code and outputs meet acceptance criteria beyond simple test passes.

Solidity Security

Implements industry-standard security patterns and audits Solidity smart contracts to prevent critical blockchain vulnerabilities.

Web3 Smart Contract Testing

Facilitates comprehensive smart contract testing using Hardhat and Foundry frameworks to ensure security, reliability, and gas efficiency.

Custodiet Agent Auditor

Detects and prevents AI agents from performing unauthorized actions or exceeding their defined scope.

OpenSpec Change Verifier

Validates code implementations against specifications, tasks, and design documents to ensure completeness and correctness before archiving changes.

AcademicOps QA & Verification

Provides comprehensive quality assurance, verification, and criteria design to ensure code and agent sessions meet rigorous standards.

MoonBit PBT Workflow Guide

Implements and maintains robust Property-Based Testing workflows in MoonBit repositories using the QuickCheck framework.

Testing Strategy for Rust & Tauri

Implements comprehensive testing workflows for Rust, Tauri, and frontend applications using TDD and coverage standards.