Security & Testing Claude 스킬

Auth Implementation Patterns

Implements secure authentication and authorization systems including JWT, OAuth2, and session-based access control.

Verified Completion Guard

Enforces rigorous, evidence-based verification protocols to ensure code changes are fully validated before being marked as complete.

Testing & Test Writing

Develops strategic, behavior-focused unit and end-to-end tests using Vitest and Playwright to ensure robust application functionality and reliability.

Workscript Node Review

Reviews workscript node implementations for compliance with development blueprints, best practices, and metadata consistency.

GCP Project Auditor

Conducts comprehensive security and compliance audits of Google Cloud Platform projects to identify misconfigurations and excessive permissions.

Vault Operations

Automates HashiCorp Vault administration, secret management, and secure identity-based access control.

OpenWebF Remote Content Security

Audits and secures remote bundle loading and trust boundaries within WebF-based applications to prevent security vulnerabilities.

Keycloak IAM Manager

Manages Keycloak identity and access systems including realms, clients, authentication flows, and user federation.

Global Validation

Implements comprehensive end-to-end data validation and sanitization across client and server layers to ensure application security and data integrity.

E2E Tester

Executes automated end-to-end test scenarios for terminal-based applications by simulating human player interactions and verifying outputs.

Code Review Excellence

Enhances pull request reviews with structured checklists, constructive feedback patterns, and multi-layered analysis across logic, security, and performance.

.NET Test Runner

Executes .NET unit tests, generates code coverage reports, and runs performance benchmarks using the dotnet CLI.

Pre-Commit Validator

Automates pre-commit checks for TypeScript type safety, test execution, code coverage, and Git branch compliance.

Backend Test-Driven Development

Guides the development of NestJS backends using a strict, iterative Test-Driven Development (TDD) methodology.

Hookify Rule Engine

Standardizes the creation and configuration of project-specific rules to monitor Claude's actions and enforce development best practices.

TypeScript Expert

Applies expert-level guidelines to write, review, and refactor TypeScript code for maintainability, type safety, and performance.

Validation Checklist

Guides software projects through a standardized pre-delivery validation process for backend and frontend code.

SEMO Integrated Quality Audit

Audits the entire SEMO monorepo for package quality, standards compliance, and structural inefficiencies.

SEMO Package Validator

Validates the structural integrity and rule compliance of SEMO framework packages and Sub-Agents.

Sandbox Test Runner

Executes interactive sandbox tests for Claude Code skills and commands in isolated environments to validate functionality and prevent regressions.

Test Helper

Generates and runs integration tests for TypeScript/JavaScript applications using the Bun test runner.

Testing Workflow

Executes comprehensive test suites including unit, integration, E2E, and mutation tests to validate code changes and ensure quality.

Testing Testing

Guides the implementation of software testing according to established coding standards and best practices.

Test-Driven Development (TDD) Workflow

Enforces a strict Red-Green-Refactor cycle to ensure code reliability through mandatory test-first implementation.

CLI Testing Patterns

Standardizes CLI application testing across Node.js and Python using industry-standard frameworks and best practices.

Plugin Self-Tester

Runs comprehensive self-tests to verify plugin integrity, validate agent routing, and ensure hook compatibility within the PopKit ecosystem.

Admin Dashboard QA Workflow

Orchestrates a rigorous, multi-phase QA workflow for implementing, modifying, and fixing admin dashboard features.

PCI Compliance & Secure Payments

Secures payment systems by implementing PCI DSS requirements, including tokenization, encryption, and strict data handling protocols.

Website Review

Conducts comprehensive QA reviews of websites by automating visual inspection, error detection, accessibility audits, and performance testing.

Test Compliance Validator

Validates test code quality by detecting fake success patterns, improper mocking, and ensuring robust integration testing standards.