Security & Testing Claude 스킬

Constitution Validation

Automates project governance through discovery-based rule generation and multi-level compliance checking.

SIEM & Security Logging

Configures centralized security information and event management systems for threat detection, compliance auditing, and log aggregation.

TDD Workflow Guide

Enforces a disciplined Test-Driven Development (TDD) workflow to ensure code reliability through incremental, test-first implementation.

TypeScript Testing (Frontend)

Standardizes frontend testing workflows using Vitest, React Testing Library, and MSW for production-grade React components.

Systematic Debugger

Resolves application errors and failures through a disciplined, diagnostic-first approach optimized for solo founders.

Integration & E2E Test Designer

Designs high-ROI integration and E2E tests using behavior-first principles and property-based verification patterns.

Secure SaaS Foundation

Implements essential security protocols, authentication best practices, and data protection standards for SaaS applications built with AI tools.

SaaS Manual Testing & QA

Guides solo founders through comprehensive manual testing workflows, edge case identification, and cross-browser QA strategies.

Test Planning Orchestrator

Orchestrates the complete test planning pipeline by coordinating research, manual verification, and automated test creation.

Automated Test Planner

Generates high-impact, risk-based automated test plans for E2E, integration, and unit testing based on real manual results.

Manual Acceptance Tester

Automates the creation and execution of persistent bash-based manual test suites to verify story acceptance criteria.

Quality Pipeline Coordinator

Orchestrates a comprehensive code quality pipeline by sequencing static analysis, tech debt cleanup, AI agent reviews, and regression testing.

Code Quality & Architecture Checker

Performs automated code quality audits using quantitative metrics, architectural validation, and MCP-driven best practice research.

Promptfoo LLM Evaluation

Automates and optimizes LLM output testing and prompt evaluation using the Promptfoo framework.

QA Strategy & Testing Expert

Establishes professional QA testing processes and autonomous execution workflows using Google Testing Standards and OWASP security practices.

Repomix Safe Mixer

Protects sensitive data by automatically detecting and removing hardcoded credentials before packaging codebases with Repomix.

AI Test Research Assistant

Conducts deep research into real-world edge cases, competitor solutions, and customer pain points to ensure comprehensive test coverage.

Agent Ops Testing

Implements comprehensive test strategies, execution workflows, and confidence-based coverage analysis for high-quality software development.

Azure Compliance & Security Audit

Conducts comprehensive security audits and compliance assessments for Azure environments, including Key Vault monitoring and resource validation.

Coding Standards & Quality

Enforces production-grade coding principles, maintainability patterns, and rigorous testing workflows for software development.

Hookify Rule Architect

Enforces project standards and safety by creating custom triggers for Claude Code events like file edits and bash commands.

Systematic Debugging Strategies

Master systematic debugging techniques and root cause analysis to efficiently resolve bugs across any technology stack.

Dev Integration Testing (Gate 6)

Enforces mandatory integration testing using real containers to verify external service dependencies.

Go Dev Fuzz Testing (Gate 4)

Automates Go-native fuzz testing to discover edge cases and crashes in input-handling code.

Property-Based Testing Gate

Ensures domain logic reliability by verifying universal invariants against randomly generated inputs using Go's property-based testing tools.

Frontend E2E Testing (Gate 5)

Automates comprehensive end-to-end testing for frontend user flows using Playwright across multiple browsers and viewports.

Development Chaos Testing & Resilience

Verifies system resilience and graceful degradation by injecting faults into external dependencies using Toxiproxy.

Warden Bug Finder

Detects recurring architectural bugs and regressions in the Sentry Warden codebase by analyzing code against historical fix patterns.

Warden Sweep

Performs automated full-repository code scans to identify, verify, and remediate bugs and security vulnerabilities via draft pull requests.

Warden

Analyzes code changes using AI agents to provide automated reviews and fixes before you commit.