Security & Testing Claude 스킬

Infrastructure Integration Test Generator

Automates the creation of Java-based database integration tests for infrastructure layers using Maven Failsafe.

Kosmos E2E Testing Suite

Automates comprehensive end-to-end testing for the Kosmos autonomous AI scientist project across local and cloud LLM providers.

End-to-End Browser Testing Agent

Performs autonomous end-to-end browser testing with parallel research, visual validation, and database verification.

Test Design Patterns

Implements industry-standard testing strategies and patterns to improve code quality and test suite reliability.

TDD Red-Green-Refactor Workflow

Guides the implementation of Test-Driven Development using the Red-Green-Refactor cycle and industry-standard testing patterns.

TRIZ Beforehand Cushioning

Implements proactive safety measures and emergency fail-safes to mitigate high-risk system failures.

TDD Workflow

Implements a rigorous Test-Driven Development cycle to ensure code quality and reliability through the Red-Green-Refactor pattern.

FMEA Risk Analysis

Systematically identifies potential failure modes and prioritizes preventive actions using quantitative Risk Priority Numbers (RPN).

Security Patterns & PR Review

Performs automated security audits and PR reviews using advanced detection heuristics for vulnerabilities like SQLi, XSS, and hardcoded secrets.

Secure Coding Practices

Implements robust security patterns including input validation, secrets management, and secure authentication to protect applications from common vulnerabilities.

Go Code Audit

Audits Go codebases for common anti-patterns, goroutine leaks, and error handling issues to ensure production-grade quality.

Cypress E2E Testing Specialist

Implements robust end-to-end testing suites using Cypress patterns for resilient, deterministic, and accessible web application verification.

Web Testing & Quality Standards

Implements an inverted testing pyramid strategy using Playwright for E2E workflows and Vitest for pure function unit tests.

Tundra CLI Smoke Tester

Validates Rust CLI behavior through automated smoke checks, dry-runs, and artifact generation to ensure system stability.

MSW API Mocking

Streamlines API mocking using MSW handlers and environment-specific setups for consistent development and testing.

SaaS Testing Toolkit

Automates the writing, execution, and analysis of unit, integration, and end-to-end tests for modern SaaS applications.

Security Scan & Audit

Executes comprehensive security audits and secret detection to identify vulnerabilities before production deployments.

Next.js Supabase Auth

Implements secure, production-ready Supabase authentication flows for Next.js App Router using the @supabase/ssr package.

Playwright Page Object Model (POM) Guide

Implements maintainable and reusable Playwright E2E tests using the Page Object Model pattern.

OWASP Top 10 Security Audit

Audits source code for the most critical web application security risks with actionable remediation patterns and checklists.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure all production code is validated by failing tests before implementation.

Rigorous Verification Guard

Enforces evidence-based reporting by requiring fresh verification evidence before any claims of task completion or success.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor workflow to ensure code reliability by requiring failing tests before any implementation code is written.

Test-Driven Development (TDD)

Implements a rigorous Red-Green-Refactor workflow to build robust features and fix bugs through behavior-driven testing.

TDD Workflow Manager

Implements a rigorous red-green-refactor loop focused on behavioral testing and vertical slicing for robust software development.

PICT Test Designer

Generates optimized pairwise test cases using the PICT methodology to ensure maximum coverage with minimal test scenarios.

Web App Testing Toolkit

Facilitates end-to-end testing and UI debugging of local web applications using Playwright and automated server management.

OWASP Security Reviewer

Performs automated OWASP Top 10 security audits to identify vulnerabilities like SQL injection, XSS, and broken authentication in application code.

Deep Code Review Orchestrator

Orchestrates comprehensive multi-perspective code audits by automatically routing changes to specialized security, database, and API review agents.

MCP OAuth Integration

Secures Model Context Protocol (MCP) servers with production-ready OAuth 2.1 authorization using Scalekit.