Security & Testing Claude 技能

Advanced Error Resolution

Diagnoses software errors through root cause analysis and automates verified bug fixes using Codex delegation.

Security Scan

Performs deep, whole-codebase security audits using extensive context windows to detect vulnerabilities, logic flaws, and cross-module data flow issues.

Systematic Debugging

Enforces a rigorous, four-phase debugging framework to identify root causes and implement verified fixes without trial-and-error thrashing.

Debugging Strategies

Employs systematic methodologies and advanced profiling tools to identify, isolate, and resolve complex software bugs across multiple tech stacks.

Python Testing Patterns

Implements comprehensive Python testing strategies using pytest, mocking, and fixtures to ensure code reliability and high coverage.

Hook Development for Claude Code

Automates and secures Claude Code workflows using event-driven hooks for tool validation and session management.

Advanced E2E Testing & TDD Orchestrator

Enforces rigorous end-to-end testing protocols and routes tasks to specialized web and desktop automation tools using a TDD-first approach.

SaaS Tenant Data Isolation

Implements advanced cryptographic isolation and secure key management for multi-tenant SaaS applications.

Linux Desktop Automation & Testing

Automates and tests Linux desktop applications across Wayland and X11 environments using native tools and D-Bus interfaces.

Secrets Management

Designs and implements secure storage, rotation, and lifecycle patterns for credentials, API keys, and certificates.

macOS Desktop Automation (Hammerspoon)

Automates macOS native applications and system workflows using Hammerspoon for end-to-end testing and desktop control.

Bluebook Audit Verification

Verifies Bluebook citation corrections in DOCX files by re-scanning for formatting, cross-references, and signal consistency.

Web Application Testing

Automates end-to-end testing and UI debugging for local web applications using Python and Playwright.

Chainguard Container Image Migration

Automates the migration of Dockerfile FROM statements to secure, minimal Chainguard container images.

Second Opinion

Cross-validates architectural decisions, security logic, and complex refactoring by leveraging secondary AI models for high-stakes code reviews.

GDPR Compliance Planner

Provides comprehensive guidance and implementation patterns for building GDPR-compliant data systems and privacy controls.

Chaos Engineering Fundamentals

Implements proactive resilience testing through controlled fault injection experiments to discover system weaknesses before they cause outages.

TDD Workflow Assistant

Enforces a rigorous Test-Driven Development (TDD) methodology through the Red-Green-Refactor-Commit cycle for high-quality software delivery.

Apache License 2.0 Compliance Guide

Ensures derivative software projects adhere to Apache License 2.0 requirements for attribution, documentation, and redistribution.

Bats Testing Patterns

Implements comprehensive unit testing and TDD patterns for shell scripts using the Bash Automated Testing System (Bats).

Security Test Planning

Develops comprehensive security testing strategies including OWASP alignment, penetration test scoping, and automated SAST/DAST integration.

Authorization Models & Access Control

Provides comprehensive architectural guidance and implementation patterns for RBAC, ABAC, ACL, and ReBAC permission systems.

Holochain Tryorama Testing

Facilitates comprehensive testing for Holochain applications using Tryorama through multi-agent simulations, performance benchmarking, and complex economic workflow validation.

TDD Workflow Pro

Enforces a strict Test-Driven Development cycle with mandatory failing tests, execution gates, and comprehensive logging for reliable software implementation.

SaaS Compliance Frameworks

Implements security controls and regulatory patterns for SOC 2, GDPR, HIPAA, and other SaaS compliance frameworks.

Zero Trust Architecture

Implements zero-trust security principles including ZTNA, micro-segmentation, and identity-first access for cloud-native applications.

CodeQL Security Analysis

Interprets CodeQL SARIF outputs to identify, validate, and remediate complex security vulnerabilities through deep semantic dataflow analysis.

Security Reviewer

Performs comprehensive security audits, threat modeling, and SLSA compliance checks to ensure production-grade software security.

Debug Mode

Implements a systematic, 7-step debugging workflow to identify, trace, and resolve software bugs efficiently.

Breenix Register Watch

Provides a systematic framework for debugging register corruption and context switch issues within the Breenix kernel using GDB.