Security & Testing Claude 스킬

Security Scanning & Audit Patterns

Automates comprehensive security vulnerability scanning, secret detection, and OWASP compliance auditing for multi-language codebases.

Newman API Testing Runner

Executes and analyzes Postman collections via the Newman CLI to automate API validation and reporting.

Breaking Change Detection

Identifies and documents backward-incompatible changes across APIs, databases, and code contracts to ensure stable versioning and smooth migrations.

Go TDD Patterns & Best Practices

Implements industry-standard Go testing patterns and conventions to ensure high-quality, testable code.

Probitas Run

Executes and validates Probitas test scenarios to ensure application reliability and identify regression errors.

TCR Practice (Test && Commit || Revert)

Implements the high-discipline TCR workflow to enforce atomic code changes and guarantee a constant state of passing tests.

Unit & Integration Testing

Provides expert guidance and best practices for writing clean, maintainable, and effective unit and integration tests using industry-standard patterns.

Obsidian Automation

Automates and controls isolated Obsidian instances for plugin development, testing, and UI verification.

Systematic Debugging

Implements a rigorous four-phase framework that enforces root cause investigation before applying fixes to complex bugs or test failures.

Code Review Excellence

Enhances software quality through systematic analysis, constructive feedback patterns, and comprehensive security and performance checklists.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, fixtures, and mocking to ensure code reliability.

Advanced Debugging

Streamlines troubleshooting across Next.js, Supabase, and React Query stacks with specialized workflows and automated diagnostic tools.

Code Reviewer

Performs automated code reviews with security scanning, quality metrics, and performance analysis to ensure production-grade code.

Acceptance Test Writing

Generates high-quality acceptance criteria and test specifications using industry-standard Behavior-Driven Development (BDD) and Gherkin syntax.

Expert Debugger & Lint Fixer

Executes a systematic, hypothesis-driven workflow to reproduce, isolate, and fix complex software bugs while ensuring code remains lint-clean and regression-free.

Procedure Checker

Validates experimental lab procedures against LA-Bench standards using automated scripts and semantic subagent analysis to ensure technical accuracy and format compliance.

OSS Solution Implementation

Implements high-quality code and comprehensive tests for open-source contributions while strictly following project standards.

Web App Testing with Playwright

Automates and tests local web applications using native Playwright scripts and managed server lifecycles.

.NET Code Security & Quality Analyzer

Performs automated static analysis, security audits, and dependency vulnerability scans for .NET projects.

Pipeline Data Validator

Ensures data integrity across the development lifecycle by validating JSON artifacts against strict Pydantic schemas.

Unit Test Generation Agent

Generates comprehensive, high-coverage unit tests for functions, React components, and hooks across multiple testing frameworks.

Root Cause Tracing

Systematically traces bugs backward through the execution chain to identify and resolve original triggers rather than treating immediate symptoms.

LimaCharlie Reporting

Generates and serves interactive HTML reports, dashboards, and data visualizations for LimaCharlie security operations data via a local web server.

Security Best Practices

Implements core security principles and defensive programming patterns to safeguard applications against common vulnerabilities.

1Password + direnv Secrets Management

Optimizes secret loading by integrating the 1Password CLI with direnv using high-performance patterns.

Web3 Smart Contract Testing

Standardizes the creation and execution of comprehensive test suites for Solidity smart contracts using Hardhat and Foundry.

Debugging Strategies

Provides systematic techniques and diagnostic tools to identify, isolate, and resolve complex software bugs across various technology stacks.

SAST Configuration & Security Scanning

Automates the setup and configuration of Static Application Security Testing (SAST) tools to detect vulnerabilities in source code across multiple languages.

Solidity Security & Audit

Implements industry-standard security patterns and audits smart contracts to prevent critical vulnerabilities in Ethereum-based applications.

CI/CD Secrets Management

Implements secure handling, storage, and rotation of sensitive credentials across major CI/CD platforms and cloud providers.