Security & Testing Claude 스킬

Systematic Debugging

Eliminates trial-and-error coding by enforcing a rigorous, four-phase root cause analysis process before any code changes are made.

Verification Before Completion

Enforces a strict evidence-first workflow by requiring fresh verification evidence before any completion claims are made.

WCAG Accessibility Audit Patterns

Conducts comprehensive WCAG 2.2 accessibility audits through automated testing, manual verification, and detailed remediation strategies.

OpenSpec Change Verifier

Validates that code implementations align perfectly with specified tasks, design requirements, and technical documentation before archiving.

OpenSpec Change Verification

Verifies that code implementations align with specifications, tasks, and design documents using the OpenSpec framework.

Quality Assurance & Standards

Enforces code quality standards and guides developers through pre-commit verification workflows to ensure release readiness.

Searchlite Unit Testing

Implements standardized patterns for writing hermetic, deterministic unit tests for the Searchlite embedded search engine.

IDOR Vulnerability Testing

Provides systematic methodologies for detecting, exploiting, and remediating Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.

SDLC Code Analyzer

Performs multi-domain codebase audits to identify bugs, technical debt, security vulnerabilities, and documentation gaps.

Windows Privilege Escalation Guide

Provides systematic methodologies and commands for discovering and exploiting privilege escalation vulnerabilities on Windows systems.

Security Ownership Mapper

Maps repository ownership and identifies security risks by analyzing git history and file co-change patterns.

Consumer-Centric Test Coverage

Enhances microservice reliability by building robust, consumer-focused test suites that hit high code coverage targets.

Vue Test Utils Testing Patterns

Implements robust Vue 3 component testing patterns using Vue Test Utils and Vitest for reliable UI verification.

Searchlite Bug Hunting Workflow

Implements a structured, reproduction-first workflow for identifying and fixing bugs within the Searchlite search engine ecosystem.

Test Design & Strategy

Guides the creation and refinement of robust test suites across unit, integration, and E2E layers using proven software quality patterns.

Adversarial Content Reviewer

Analyzes content through a skeptical lens to identify flaws, inconsistencies, and potential weaknesses.

Test Architecture & Design

Automates system-level testability reviews and epic-level test planning by detecting the current project phase.

Test Plan Generator

Generates comprehensive, risk-based test plans and QA checklists to ensure feature reliability and catch edge cases.

Playwright E2E Testing

Implements robust end-to-end testing patterns using Playwright to verify critical user workflows with an accessibility-first approach.

Burp Suite Web Security Testing

Performs comprehensive web application security audits by intercepting HTTP traffic, modifying requests, and identifying vulnerabilities using Burp Suite.

Gemini Large Context Review

Leverages Gemini's 2M token context window to perform deep, advisory-only reviews of large codebases, logs, and documentation within Claude Code.

Issue Validator

Validates GitHub issues against current codebases to confirm reproducibility and recommend technical solutions.

NFR Architecture Validator

Assess and validates critical non-functional requirements like performance and security before release using evidence-based workflows.

Systematic Debugging

Implements a rigorous four-phase workflow to identify root causes and eliminate bugs without introducing new regressions.

Vitest Testing

Accelerates unit testing and assertions using the Vitest framework with Jest-compatible APIs and native Vite integration.

Python Testing Standards

Enforces rigorous Python testing standards through behavioral patterns, naming conventions, and coverage benchmarks.

API Security Fuzzing & Bug Bounty Toolkit

Conducts comprehensive security assessments and fuzzing on REST, GraphQL, and SOAP APIs to identify vulnerabilities like IDOR, injection, and authentication bypasses.

Antifragility Systems Design

Implements resilient architectures and mental models that allow systems to thrive under volatility and gain strength from stressors.

API Security Best Practices

Implements industry-standard security patterns and protection strategies for REST, GraphQL, and WebSocket APIs.

Fault Tree Analysis

Performs top-down deductive root cause analysis to identify system vulnerabilities and failure paths using Boolean logic.