Security & Testing Claude 스킬

Structured Troubleshooting & Debugging

Implements a disciplined, multi-phase methodology to systematically diagnose and resolve complex software bugs and performance bottlenecks.

Verification Before Completion

Validates that tasks are genuinely resolved through a rigorous multi-level verification protocol before marking them as done.

Python Testing Strategy

Standardizes Python testing practices for FastAPI, Django, and Flask using modern pytest conventions and fixtures.

Rust Test-Driven Development

Enforces the Red-Green-Refactor cycle in Rust projects using cargo test to ensure high-quality, bug-free code through iterative testing.

Rust Testing Rules

Standardizes Rust unit and integration testing workflows by enforcing best practices for mocks, test structures, and the testing pyramid.

Java & Spring Boot Testing Strategy

Implements comprehensive Java and Spring Boot testing conventions using JUnit 5, Mockito, and Testcontainers.

Universal Testing Strategy

Provides language-agnostic testing principles to ensure robust, maintainable, and high-quality codebases.

Web Application Testing

Automates the interaction and testing of local web applications using Playwright scripts and built-in server management.

Vitest Migration & Testing Guide

Accelerates the transition from Jest to Vitest and provides expert guidance on configuring high-performance TypeScript testing environments.

API Security Testing

Conducts comprehensive security audits and penetration tests on REST and GraphQL APIs to identify vulnerabilities like IDOR, injection, and authorization flaws.

Active Directory Attack Toolkit

Conducts professional Active Directory penetration testing and security assessments using industry-standard tools and methodologies.

Mobile App Pentesting

Conducts comprehensive security audits and penetration testing for Android and iOS mobile applications.

Cloud Security Exploitation

Identifies and exploits security misconfigurations across AWS, Azure, and GCP environments to harden cloud infrastructure.

Container Security & Escape Expert

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

Security File Transfer Techniques

Facilitates advanced file transfers and data exfiltration across Linux and Windows using diverse protocols and living-off-the-land techniques.

Linux Privilege Escalation

Identifies and exploits Linux privilege escalation vectors including SUID binaries, sudo misconfigurations, and kernel vulnerabilities.

Network Service Enumeration

Performs professional-grade discovery, enumeration, and security assessment of network services and database protocols.

Password Attacks & Credential Cracking

Conducts professional password hash cracking, credential spraying, and authentication brute-force attacks using industry-standard tools.

Phishing and Social Engineering Toolkit

Conducts authorized social engineering assessments, phishing simulations, and credential harvesting to test organizational security awareness.

Web3 & Smart Contract Security

Audits and identifies vulnerabilities in smart contracts and Web3 applications using expert penetration testing techniques.

Windows Privilege Escalation Expert

Provides expert guidance and automated command patterns for escalating privileges on Windows systems during security audits.

Load Testing Adapter

Generates and executes comprehensive load test scripts to validate application performance and identify architectural bottlenecks.

Playwright E2E Testing

Automates end-to-end web testing using Playwright with a focus on accessibility-first locators and robust Page Object Models.

Vue Test Utils Patterns

Implements standardized testing patterns for Vue 3 components using Vue Test Utils and Vitest.

Frontend Unit Testing

Streamlines the creation and maintenance of robust unit tests for frontend applications using modern libraries like Vitest and React Testing Library.

E2E Testing Guide

Guides the implementation and optimization of end-to-end testing strategies using Playwright and Cypress for robust frontend applications.

Requirement Implementation Verifier

Validates that product requirements from planning documents are accurately reflected in implementation code before pull requests.

Dialog & Sheet Safety Verifier

Verifies interaction safety, state initialization, and UX consistency for Radix UI Dialog and Sheet components.

Data Consistency Verifier

Validates TypeScript types, Zod schemas, and mock data against business rules to ensure structural and logical integrity.

Dogfood QA Explorer

Conducts systematic exploratory QA testing on web applications to identify bugs and UX issues with comprehensive reproduction evidence.