Security & Testing Claude 스킬

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

File Path Traversal Testing

Identifies and tests for directory traversal vulnerabilities to prevent unauthorized access to sensitive server-side files.

Security Scanning Tools

Conducts comprehensive security audits and vulnerability assessments across networks, web applications, and cloud environments.

Test Case Generator

Generates structured, requirement-driven test cases from PRDs and user stories to ensure comprehensive QA coverage and traceability.

Secure Skill Installer

Installs Claude skills from GitHub repositories while performing automated security scans to protect your local environment.

Strategic Challenger (The Fool)

Stress-tests plans, architectures, and decisions using structured critical reasoning and adversarial analysis to identify blind spots.

Repository Threat Modeler

Generates actionable, repository-grounded AppSec threat models to identify trust boundaries, abuse paths, and mitigations.

Engram Testing & Coverage

Enforces strict test-driven development and code coverage standards to ensure the reliability of the Engram persistent memory system.

Engram Testing & Coverage

Enforces Test-Driven Development (TDD) and rigorous code coverage standards for the Engram persistent memory system.

Firebase APK Security Scanner

Scans Android APKs for Firebase security misconfigurations like open databases, storage leaks, and exposed authentication endpoints.

Semgrep Rule Variant Creator

Ports existing Semgrep rules to multiple programming languages with automated applicability analysis and test-driven validation.

Azure Playwright Testing for TypeScript

Scales Playwright browser tests using Azure-hosted infrastructure and integrated reporting for high-speed CI/CD execution.

Mistral AI Data Privacy & Compliance

Implements PII redaction, data retention policies, and GDPR/CCPA compliance patterns for Mistral AI integrations.

Azure AI Content Safety for Java

Integrates Azure AI Content Safety capabilities into Java applications for automated text and image moderation.

Azure AI Content Safety for TypeScript

Moderates user-generated text and images for harmful content using the Azure AI Content Safety REST SDK.

Azure Compliance & Security Audit

Audits Azure environments for compliance, security vulnerabilities, and resource configuration best practices.

Azure Key Vault for TypeScript

Manages secrets, cryptographic keys, and security operations using the Azure Key Vault SDK for Node.js and TypeScript.

Azure AI Content Safety for Python

Moderates user-generated and AI-generated content by detecting harmful text and images with multi-severity classification.

Azure RBAC & Role Assignment

Identifies optimal Azure RBAC roles based on least-privilege principles and generates ready-to-use CLI commands and Bicep code for secure identity management.

Azure Key Vault Keys for .NET

Manages cryptographic keys and performs secure encryption, signing, and key rotation operations using the Azure Key Vault .NET SDK.

Azure Key Vault Keys for Rust

Manages cryptographic keys and performs secure cloud-based encryption operations using the Azure Key Vault Rust SDK.

MaintainX Enterprise RBAC

Implements enterprise-grade role-based access control and location-scoped permissions for MaintainX integrations.

API Testing Helper

Automates the generation and execution of API test suites for REST, GraphQL, and OpenAPI specifications.

Langfuse Security Basics

Secures Langfuse LLM observability integrations through credential management, PII scrubbing, and hardened self-hosting configurations.

Fabric AI Patterns

Integrates over 240 curated AI patterns directly into Claude Code for advanced content processing, security analysis, and wisdom extraction.

Juicebox Data Privacy & Compliance

Implements robust data privacy protocols and GDPR compliance for sensitive candidate and personal information within the Juicebox ecosystem.

Security Penetration Tester

Performs comprehensive security audits on web applications, APIs, and codebases to identify vulnerabilities, dependency risks, and exposed secrets.

1Password CLI Integration

Manages secure credential access and secrets injection using the 1Password CLI within Claude Code.

RCA Fix Agent

Automates the root cause analysis and bug fixing process using iterative verification and evidence-based reasoning.

Replit Pitfall Guard

Audits Replit integrations to identify and resolve common anti-patterns, security risks, and performance bottlenecks.