Security & Testing Claude 技能

Codex Workflow Advisor

Integrates OpenAI Codex CLI to provide expert second opinions, bug analysis, and code reviews within your development environment.

Report Bug

Generates and submits professionally formatted GitHub Issues directly from the development environment, complete with reproduction steps, technical analysis, and recommended E2E tests.

.NET Test Runner

Executes .NET unit tests, generates code coverage reports, and runs performance benchmarks using the dotnet CLI.

Global Validation

Implements comprehensive, multi-layered input validation and sanitization to ensure data integrity and prevent security vulnerabilities across all application entry points.

Frontend Accessibility

Implements inclusive user interfaces using semantic HTML, WCAG-compliant color contrast, and robust keyboard navigation.

Next.js Better-Auth Integration

Integrates the better-auth framework into Next.js applications using pre-configured middleware, API routes, and UI components.

FastAPI JWT Authentication

Implements secure JSON Web Token (JWT) authentication, password hashing, and role-based access control within FastAPI applications.

Double Check

Ensures task completion and production readiness through rigorous multi-angle verification and objective goal alignment.

Testing and Test Writing

Implements focused Pest framework tests for core user flows and critical business logic while prioritizing fast execution and behavior-driven outcomes.

Pest Testing

Provides expert guidance and implementation patterns for writing robust Pest v4 tests within Laravel applications, covering unit, feature, and browser automation.

Quality Gate Skill

Executes a comprehensive, non-destructive quality gate including linting, formatting, type safety, tests, and security checks for your codebase.

Architecture Guardian

Evaluates code changes and architectural decisions against documented principles to ensure structural integrity and adherence to design patterns.

Sample Skill

Walks through a sample workflow for creating and running unit tests.

Claude Configuration Reviewer

Reviews Claude configuration files for security vulnerabilities, structural integrity, and prompt engineering best practices.

Improving Components

Systematically enhances Claude Code components by optimizing descriptions, strengthening security, and refining tool permissions based on quality analysis findings.

Skill Quality Validator

Automatically validates Claude skills against official best practice standards to ensure quality and compliance.

E2E Playwright Diagnosis

Diagnoses and resolves End-to-End (E2E) test failures in Playwright using a systematic, tool-driven workflow.

Root Cause Tracing

Traces software bugs backward through the call stack to identify and resolve original triggers rather than symptoms.

Full Stack Debugger

Identifies and resolves complex software issues across UI, backend, and database layers using a systematic, iterative debugging workflow.

Recruitment Fake Data Generator

Generates realistic, UK-focused synthetic recruitment data including candidate profiles, job postings, and client records for testing and development.

LangGraph SITNOVA Security Automation

Implements stateful AI operator flows for automated security gate systems using the LangGraph framework and real-time OCR integrations.

Code Review

Reviews code changes and pull requests using principles from 'A Philosophy of Software Design' to minimize complexity and improve architectural depth.

Anthropic Web Testing

Facilitates end-to-end testing and interaction with local web applications using Playwright scripts and automated server management.

Debugging Process

Implements a systematic debugging methodology using root cause analysis and evidence-based investigation to resolve complex software issues.

Python Code Review Expert

Performs deep, context-aware Python code reviews on changed files to identify security vulnerabilities, performance bottlenecks, and architectural issues.

Defense-in-Depth Validation

Implements a multi-layered validation strategy to catch bugs at every system boundary and make structural failures impossible.

Testing Test Writing

Implements Jest-based unit and integration testing patterns for backend services following a behavior-driven approach.

Root Cause Tracing

Systematically traces bugs backward through the call stack to identify and fix the original trigger rather than just treating symptoms.

Factory Quality Validator

Ensures the quality and schema compliance of generated components through automated validation, scoring, and auto-fixing.

Condition-Based Test Waiting

Eliminates flaky tests by replacing arbitrary timeouts with smart condition polling to ensure reliable and fast async operations.