Security & Testing Claude 스킬

SecLists Web-Shells Collection

Provides a curated library of web shell samples for security research, detection system testing, and authorized penetration testing.

Technical Constraint Extractor

Extracts and documents external ecosystem constraints to ensure software compliance and architectural alignment.

Automated Test Coverage Generator

Automatically generates comprehensive unit, edge, and boundary tests to resolve code coverage gaps and validate business requirements.

Requirement Traceability & SDLC Mapping

Standardizes requirement tracking across the software development lifecycle using structured REQ-* key patterns and validation rules.

Solidity Security & Smart Contract Auditing

Implements industry-standard security patterns and audits smart contracts to prevent critical blockchain vulnerabilities.

TDD Red Phase Actuator

Automates the initial stage of Test-Driven Development by generating failing test cases from requirements before implementation begins.

Seven Questions Checklist

Validates software engineering principles through a rigorous seven-point quality gate to ensure excellence before any code implementation begins.

Requirements Quality Validator

Validates software requirement documentation for clarity, testability, and traceability before moving to the design phase.

Requirement Traceability & AI SDLC

Standardizes requirement key patterns and automates traceability across the entire software development lifecycle.

AISDLC Code Quality Principles

Validates code compliance against seven core engineering principles including TDD, modularity, and technical debt reduction.

Code Principles Validator

Validates and enforces seven core engineering principles to ensure code quality, test coverage, and architectural integrity.

Requirement-Aware Test Coverage Reporter

Generates comprehensive test coverage reports that map code execution to specific project requirements and identify critical testing gaps.

Web Application Testing

Automates the testing and debugging of local web applications using Playwright scripts and integrated server management.

Error Handling Patterns

Implements robust error handling strategies across multiple programming languages to build resilient, fault-tolerant applications.

Stateful Rule Designer

Designs complex stateful Detection & Response (D&R) rules for LimaCharlie to correlate events over time and track process tree relationships.

Sigma Rule Deployer

Deploys and manages Sigma, Soteria, and SOC Prime rulesets within the LimaCharlie security ecosystem to enhance threat detection capabilities.

Secrets Guardian

Secures codebases by preventing accidental credential leaks through automated scanning and pre-commit hook integration.

Web Application Testing Toolkit

Automates and tests local web applications using Playwright with integrated server lifecycle management.

Testing Core Patterns

Standardizes cross-language testing strategies including unit, integration, and E2E patterns for robust software delivery.

LimaCharlie Extension Developer

Guides the development, testing, and deployment of custom LimaCharlie extensions to integrate third-party tools and automate security workflows.

Systematic Debugging

Enforces a rigorous four-phase framework to identify root causes and verify solutions for complex software bugs and test failures.

Defense-in-Depth Validation

Implements multi-layered data validation patterns to eliminate bugs by making them structurally impossible across entry points, business logic, and environment guards.

File Deleter

Replaces standard deletion commands with a safe, recoverable trash system that preserves directory structure and prevents accidental data loss.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve original triggers rather than symptoms.

E2E Testing Patterns

Implements robust end-to-end testing suites using Playwright and Cypress to ensure application reliability and prevent regressions.

Hashing Passwords

Enforces industry-standard security protocols for credential handling and password hashing to prevent critical authentication vulnerabilities.

Testing Anti-Patterns Guard

Prevents common software testing mistakes by enforcing strict TDD principles and identifying fragile mock implementations.

Solidity Security Master

Implements industry-standard security patterns and audits Solidity smart contracts to prevent vulnerabilities and optimize gas usage.

Systematic Debugging Framework

Enforces a rigorous four-phase debugging methodology to identify root causes and ensure stable, verified code fixes.

ShellCheck Script Quality

Configures and optimizes ShellCheck static analysis to ensure high-quality, portable, and error-free shell scripts.