Security & Testing Claude 技能

Error Detective

Implements a systematic TRACE framework to identify, analyze, and resolve complex software errors efficiently.

.NET Test Runner

Executes .NET unit tests, generates code coverage reports, and runs performance benchmarks using the dotnet CLI.

Code Reviewer

Performs automated code reviews with security scanning, quality metrics, and performance analysis to ensure production-grade code.

Dependency Checker

Analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple programming languages.

OpenWebF DevTools Debugging

Debugs WebF application runtime issues using Chrome DevTools to inspect console logs, network requests, and DOM elements.

GDPR Compliance Scanner

Automates GDPR compliance audits by scanning applications and data systems for privacy violations and regulatory gaps.

Claude Code Permission Security

Manages enterprise-grade security policies and tool access controls for Claude Code environments.

SOC2 Audit Helper

Simplifies SOC2 compliance by automating evidence collection, security control analysis, and readiness report generation.

Error Handling Patterns

Implements robust error handling strategies and resilient application patterns across multiple programming languages to ensure software stability.

E2E Testing Patterns

Implements robust end-to-end testing architectures using Playwright and Cypress to ensure application reliability and prevent regressions.

SDR Test Harness Runner

Automates regression testing and parameter sweeps for Software Defined Radio (SDR) signal processing using WaveCap-SDR.

CI/CD Secrets Management

Implements secure handling, storage, and rotation of sensitive credentials across major CI/CD platforms and cloud providers.

Data Privacy Scanner

Scans codebases and configurations to identify PII leaks, compliance violations, and potential data privacy vulnerabilities.

Kubernetes Security Policies

Implement defense-in-depth Kubernetes security through network policies, RBAC configurations, and pod security standards.

Invisible Auto-Debugging

Automatically repairs code errors and build failures while hiding technical complexity and stack traces from the user.

Automated OWASP Security Check

Automates OWASP-aligned security audits and vulnerability remediation on all AI-generated code.

PCI Compliance & Secure Payments

Implements PCI DSS requirements to secure payment card data and maintain industry-standard payment processing security.

Debugging Strategies

Provides systematic techniques and diagnostic tools to identify, isolate, and resolve complex software bugs across various technology stacks.

Web App Testing Toolkit

Streamlines local web application testing and browser automation using Playwright-powered Python scripts and automated server management.

Verification Gate

Ensures project stability and code quality by running a silent, comprehensive validation suite before confirming task completion.

Secrets Management for CI/CD

Implements secure credential handling and secret rotation across major cloud providers and CI/CD platforms to prevent sensitive data leaks.

OpenWebF Security Suite

Conducts comprehensive security audits for OpenWebF applications focusing on remote content, XSS prevention, and store compliance.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure all production code is justified by a failing test.

Test-Driven Development (TDD)

Enforces a strict Red-Green-Refactor cycle to ensure code reliability by requiring failing tests before any implementation code is written.

Security Code Review Agent

Conducts comprehensive security audits to identify vulnerabilities like SQL injection and XSS while providing actionable remediation guidance.

Kiro Spec Detector

Identifies modified Kiro specification files by comparing current branch changes against a base branch for optimized testing.

Secret Scanner

Scans codebases for exposed secrets, API keys, and credentials to prevent security vulnerabilities and data leaks.

Global Validation

Implements comprehensive end-to-end data validation and sanitization across client and server layers to ensure application security and data integrity.

DotNet Test Triage

Automates .NET test failure analysis by capturing failing cases and generating optimized rerun filters.

Security Vulnerability Validation

Validates security scan results by performing reachability analysis and generating proof-of-concept exploits to confirm real-world exploitability.