Security & Testing Claude 技能

Secrets Management for CI/CD

Implements secure storage, rotation, and retrieval of sensitive credentials across major CI/CD platforms and cloud providers.

Hookify Rule Architect

Simplifies the creation and management of Hookify rules to monitor, warn, and block specific patterns in Claude Code workflows.

Systematic Debugging Strategies

Implements methodical debugging techniques, profiling tools, and root cause analysis to resolve complex software issues across multiple programming languages.

Auth Implementation Patterns

Implements secure, scalable authentication and authorization systems using industry-standard patterns like JWT, OAuth2, and RBAC.

SaaS Compliance Frameworks

Implements security controls and regulatory patterns for SOC 2, GDPR, HIPAA, and other SaaS compliance frameworks.

Zero Trust Architecture

Implements zero-trust security principles including ZTNA, micro-segmentation, and identity-first access for cloud-native applications.

CodeQL Security Analysis

Interprets CodeQL SARIF outputs to identify, validate, and remediate complex security vulnerabilities through deep semantic dataflow analysis.

Security Reviewer

Performs comprehensive security audits, threat modeling, and SLSA compliance checks to ensure production-grade software security.

Hardened Outline-Driven Development

Orchestrates multi-layer validation pipelines across proofs, specifications, types, contracts, and tests to ensure rigorous software correctness.

Secrets Management for CI/CD

Implements secure secrets management practices for CI/CD pipelines using tools like Vault, AWS Secrets Manager, and native platform solutions.

Test Pyramid Design

Architects optimized test distribution strategies and identifies testing anti-patterns to ensure fast, reliable development pipelines.

Testing Strategy Framework

Implements comprehensive software testing architectures using TDD methodology, the test pyramid, and automated validation patterns.

Fail2Ban SWAG Manager

Manages Fail2Ban intrusion prevention within SWAG reverse proxy containers to secure homelab infrastructure and web services.

Python Code Review Patterns

Identifies critical security vulnerabilities, performance anti-patterns, and framework-specific logic bugs during Python code reviews.

PopKit Anthropic Compliance Assessment

Validates PopKit plugins against official Claude Code patterns and Anthropic engineering standards through automated script-based checks.

Systematic Debugging Strategies

Master professional debugging techniques, profiling tools, and root cause analysis to efficiently resolve complex bugs across any technology stack.

Quality Infrastructure Audit

Audits project quality gates including testing frameworks, CI/CD pipelines, security vulnerabilities, and linting configurations.

Lightning Issue Logger

Audits Lightning Network integrations and automatically creates structured, prioritized GitHub issues for discovered security and functional gaps.

Quality Infrastructure Fixer

Automatically audits and repairs software quality gaps by implementing test runners, CI/CD pipelines, and git hooks.

Log Quality Issues

Audits project quality infrastructure and automatically converts findings into structured, prioritized GitHub issues.

Local Development Debugger

Investigates and resolves local development issues, runtime errors, and test failures using a strict test-driven protocol.

Bitcoin Maintenance & Security

Automates the identification and remediation of Bitcoin node and wallet issues using a prioritized risk framework.

PopKit Validation Engine

Validates Claude Code plugin integrity and applies safe automatic fixes for structure, agents, and skill configurations.

Type-Driven Development

Employs Idris 2 and dependent types to encode domain constraints and verify program invariants through compile-time proofs.

Bitcoin Integration Auditor

Audits Bitcoin payment integrations by checking node connectivity, wallet health, and network configurations to ensure secure transaction processing.

Systematic Debugging Framework

Resolves complex technical issues using a rigorous four-phase methodology focused on root-cause identification rather than quick fixes.

Proof-Driven Development

Verifies software correctness and safety properties through formal proof-driven development using the Lean 4 theorem prover.

Bulloak BTT Architect

Generates structured Bulloak tree specifications and Solidity test scaffolds using the Branching Tree Technique.

Vitest v4 Testing Suite

Provides comprehensive Vitest v4 guidance for TypeScript and React/Next.js projects to help users write, debug, and maintain high-quality tests.

PopKit Security Assessment

Automates security audits for Claude Code plugins using vulnerability patterns, secret scanning, and OWASP-aligned checklists.